Description
IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 213875.
CVSS breakdown
CVSS 3.0
Confidentiality
High
Integrity
High
Attack Complexity
High
Scope
Unchanged
Attack Vector
Network
Privileges Required
Low
Availability
High
User Interaction
None
RC
Changed
E
Unchanged
RL
O
Affected products
- ibm / websphere_application_server___liberty17.0.0.3 – 17.0.0.3
- ibm / websphere_application_server___liberty22.0.0.1 – 22.0.0.1