Design/Logic Flaw

2010-11-0921:00:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

The Web Services Security component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 does not properly implement the Java API for XML Web Services (aka JAX-WS), which allows remote attackers to cause a denial of service (data corruption) via a crafted JAX-WS request that leads to incorrectly encoded data.

CPENameOperatorVersion
websphere_application_servereq7.0.0.12
websphere_application_servereq7.0.0.2
websphere_application_servereq7.0.0.5
websphere_application_servereq7.0.0.9
websphere_application_servereq7.0.0.4
websphere_application_servereq7.0.0.11
websphere_application_servereq7.0
websphere_application_servereq7.0.0.8
websphere_application_servereq7.0.0.6
websphere_application_servereq7.0.0.7

Name	Operator	Version
websphere_application_server	eq	7.0.0.12
websphere_application_server	eq	7.0.0.2
websphere_application_server	eq	7.0.0.5
websphere_application_server	eq	7.0.0.9
websphere_application_server	eq	7.0.0.4
websphere_application_server	eq	7.0.0.11
websphere_application_server	eq	7.0
websphere_application_server	eq	7.0.0.8
websphere_application_server	eq	7.0.0.6
websphere_application_server	eq	7.0.0.7