Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4816
HistoryFeb 23, 2009 - 12:00 a.m.

IBM WebSphere Partner Gateway RNIF文档绕过安全限制漏洞

2009-02-2300:00:00
Root
www.seebug.org
28

0.003 Low

EPSS

Percentile

68.0%

JSON

BUGTRAQ ID: 33839
CVE(CAN) ID: CVE-2009-0440

WebSphere Partner Gateway是一个轻量级、易于使用、经济高效的B2B连接工具。

WebSphere Partner Gateway没有正确地处理签名验证失败,通过认证的远程攻击者可以绕过签名验证向后端应用提交恶意的RNIF文档。

IBM WebSphere Partner Gateway 6.0.0 - 6.0.0.7
厂商补丁:

IBM

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www-01.ibm.com/support/docview.wss?uid=swg21330341” target=“_blank”>http://www-01.ibm.com/support/docview.wss?uid=swg21330341</a>

Related

cve 1
prion 1
cvelist 1
nvd 1
cve
cve
CVE-2009-0440
2009-02-22 22:30:00
prion
prion
Design/Logic Flaw
2009-02-22 22:30:00
cvelist
cvelist
CVE-2009-0440
2009-02-22 22:00:00
nvd
nvd
CVE-2009-0440
2009-02-22 22:30:00

0.003 Low

EPSS

Percentile

68.0%

JSON
Related for SSV:4816
cve1prion1cvelist1nvd1