IBM WebSphere Partner Gateway (WPG) 6.0.0 up to and including 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet (aka RNIF) document to a backend application, related to (1) "altered service content" and (2) "digital signature foot-print."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere partner gateway 6.0.0.3 |
||
ibm websphere partner gateway 6.0.0.5 |
||
ibm websphere partner gateway 6.0.0 |
||
ibm websphere partner gateway 6.0.0.7 |
||
ibm websphere partner gateway 6.0.0.1 |
||
ibm websphere partner gateway 6.0.0.6 |
||
ibm websphere partner gateway 6.0.0.2 |
||
ibm websphere partner gateway 6.0.0.4 |