CVE Vulnerabilities

CVE-2015-2028

Published: Oct 04, 2015 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Affected Software

Name Vendor Start Version End Version
Websphere_extreme_scale Ibm 7.1.0 (including) 7.1.0 (including)
Websphere_extreme_scale Ibm 7.1.0.2 (including) 7.1.0.2 (including)
Websphere_extreme_scale Ibm 7.1.1 (including) 7.1.1 (including)

References