Description
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.
CVSS breakdown
CVSS 3.0
Confidentiality
Low
Privileges Required
Low
Availability
Low
Attack Complexity
High
Attack Vector
Network
User Interaction
None
Scope
Unchanged
Integrity
Low
E
Unchanged
RL
O
RC
Changed
Affected products
- ibm / websphere_application_server___liberty17.0.0.3 – 17.0.0.3
- ibm / websphere_application_server___liberty22.0.0.7 – 22.0.0.7