Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60238
HistoryJun 27, 2012 - 12:00 a.m.

IBM Lotus Expeditor请求标头欺骗安全限制绕过漏洞

2012-06-2700:00:00
Root
www.seebug.org
48

0.002 Low

EPSS

Percentile

53.1%

JSON

BUGTRAQ ID: 54163
CVE ID: CVE-2012-0191

IBM Lotus Expeditor之前名为IBM WebSphere Everyplace Deployment,是用于创建、部署和维护各种应用的管理客户端。

IBM Lotus Expeditor 6.2 FP5+Security Pack之前的6.1.x和6.2.x版本中的Web容器没有正确执行请求的访问控制,在实现上存在安全限制绕过漏洞,可允许远程攻击者通过特制的请求标头,绕过某些安全限制。
0
IBM Lotus Expeditor
厂商补丁:

IBM

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.ers.ibm.com/

Related

prion 1
cvelist 1
cve 1
nvd 1
ibm 1
prion
prion
Design/Logic Flaw
2012-06-22 10:24:00
cvelist
cvelist
CVE-2012-0191
2012-06-22 10:00:00
cve
cve
CVE-2012-0191
2012-06-22 10:24:05
nvd
nvd
CVE-2012-0191
2012-06-22 10:24:05
ibm
ibm
Security Bulletin: Multiple security vulnerabilities in IBM Sales Center for WebSphere Commerce (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-0191, CVE-2012-2159, CVE-2012-2161)
2022-09-26 05:45:55

0.002 Low

EPSS

Percentile

53.1%

JSON
Related for SSV:60238
prion1cvelist1cve1nvd1ibm1