IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.29, 8.0 prior to 8.0.0.6, and 8.5 up to and including 8.5.0.2 and WebSphere Message Broker 6.1, 7.0 up to and including 7.0.0.5, and 8.0 up to and including 8.0.0.2, when WS-Security is used, allows remote malicious users to spoof the signatures of messages via a crafted SOAP message, related to a "Signature Wrap attack," a different vulnerability than CVE-2011-1377 and CVE-2013-0489.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 7.0.0.6 |
||
ibm websphere application server 7.0.0.8 |
||
ibm websphere application server 7.0.0.13 |
||
ibm websphere application server 7.0 |
||
ibm websphere application server 7.0.0.2 |
||
ibm websphere application server 7.0.0.3 |
||
ibm websphere application server 7.0.0.1 |
||
ibm websphere application server 7.0.0.14 |
||
ibm websphere application server 7.0.0.10 |
||
ibm websphere application server 8.0.0.2 |
||
ibm websphere application server 8.0.0.1 |
||
ibm websphere message broker 7.0.0.5 |
||
ibm websphere message broker 7.0.0.4 |
||
ibm websphere application server 7.0.0.5 |
||
ibm websphere application server 7.0.0.9 |
||
ibm websphere application server 7.0.0.19 |
||
ibm websphere application server 7.0.0.11 |
||
ibm websphere application server 7.0.0.4 |
||
ibm websphere application server 7.0.0.15 |
||
ibm websphere application server 7.0.0.16 |
||
ibm websphere application server 7.0.0.27 |
||
ibm websphere application server 8.0.0.4 |
||
ibm websphere application server 8.0.0.3 |
||
ibm websphere message broker 8.0.0.1 |
||
ibm websphere message broker 8.0 |
||
ibm websphere message broker 6.1 |
||
ibm websphere application server 8.0.0.5 |
||
ibm websphere application server 7.0.0.21 |
||
ibm websphere application server 7.0.0.12 |
||
ibm websphere application server 7.0.0.24 |
||
ibm websphere application server 8.0.0.0 |
||
ibm websphere application server 8.5.0.1 |
||
ibm websphere message broker 7.0.0.3 |
||
ibm websphere message broker 7.0.0.2 |
||
ibm websphere application server 7.0.0.7 |
||
ibm websphere application server 7.0.0.25 |
||
ibm websphere application server 7.0.0.23 |
||
ibm websphere application server 7.0.0.17 |
||
ibm websphere application server 7.0.0.18 |
||
ibm websphere application server 7.0.0.22 |
||
ibm websphere application server 8.5.0.0 |
||
ibm websphere message broker 8.0.0.2 |
||
ibm websphere message broker 7.0.0.1 |
||
ibm websphere message broker 7.0. |