The Application Snoop Servlet in IBM WebSphere Application Server 7.0 prior to 7.0.0.23 does not properly restrict access, which allows remote malicious users to obtain sensitive client and request information via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 7.0.0.6 |
||
ibm websphere application server 7.0.0.8 |
||
ibm websphere application server 7.0.0.17 |
||
ibm websphere application server 7.0.0.15 |
||
ibm websphere application server 7.0.0.5 |
||
ibm websphere application server 7.0.0.7 |
||
ibm websphere application server 7.0.0.11 |
||
ibm websphere application server 7.0.0.21 |
||
ibm websphere application server 7.0 |
||
ibm websphere application server 7.0.0.2 |
||
ibm websphere application server 7.0.0.1 |
||
ibm websphere application server 7.0.0.13 |
||
ibm websphere application server 7.0.0.9 |
||
ibm websphere application server 7.0.0.19 |
||
ibm websphere application server 7.0.0.4 |
||
ibm websphere application server 7.0.0.3 |