PT-2024-4330 · Ibm · Ibm Websphere Application Server
Published
2024-06-20
·
Updated
2024-08-21
·
CVE-2024-37532
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere Application Server versions 8.5 through 9.0
Description
The issue is related to improper signature validation, which can be exploited by an authenticated user to spoof identities. This can allow a remote attacker to substitute identification data.
Recommendations
For IBM WebSphere Application Server versions 8.5 through 9.0, update to a version that includes the fix for the improper signature validation issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Verification of Cryptographic Signature
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Websphere Application Server