Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20749
HistoryJul 20, 2011 - 12:00 a.m.

IBM WebSphere Application Server 'logoutExitPage'参数安全绕过漏洞

2011-07-2000:00:00
Root
www.seebug.org
11

0.003 Low

EPSS

Percentile

64.6%

JSON

Bugtraq ID: 48710
CVE ID:CVE-2011-1355

IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。
WebSphere Application Server对logoutExitPage参数缺少正确校验,允许远程攻击者绕过安全限制。攻击者可以利用此漏洞重定向应阻拦的域上面。

IBM Websphere Application Server 7.0
IBM Websphere Application Server 6.1
厂商解决方案
用户可参考如下供应商提供的安全公告获得补丁信息:
http://www-01.ibm.com/support/docview.wss?uid=swg1PM42436

Related

prion 1
cve 1
openvas 2
nessus 3
prion
prion
Open redirect
2011-07-19 20:55:00
cve
cve
CVE-2011-1355
2011-07-19 20:55:00
openvas
openvas
IBM WebSphere Application Multiple Vulnerabilities Jul-11
2011-07-27 00:00:00
IBM WebSphere Application Multiple Vulnerabilities (Jul 2011)
2011-07-27 00:00:00
nessus
nessus
IBM WebSphere Application Server 6.1 < 6.1.0.39 Multiple Vulnerabilities
2011-07-22 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 19 Multiple Vulnerabilities
2011-09-19 00:00:00
IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities
2011-09-30 00:00:00

0.003 Low

EPSS

Percentile

64.6%

JSON
Related for SSV:20749
prion1cve1openvas2nessus3