The API Discovery implementation in IBM WebSphere Application Server (WAS) 8.5.5.8 up to and including 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote authenticated users to gain privileges via an external reference in a Swagger document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 8.5.5.8 |
||
ibm websphere application server 8.5.5.9 |