CVE-2022-35282

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 7.0 through 9.0

Description The issue allows an attacker with local network access to exploit the server-side request forgery (SSRF) vulnerability by sending a specially crafted request, potentially obtaining sensitive data.

Recommendations For versions 7.0 through 9.0, consider restricting access to sensitive data and implementing additional security measures to prevent SSRF attacks until a patch is available. As a temporary workaround, consider disabling any functionality that may be used to send specially crafted requests until a patch is available.