CVE Vulnerabilities

CVE-2015-2028

Published: Oct 04, 2015 | Modified: Oct 05, 2015
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Affected Software

Name Vendor Start Version End Version
Websphere_extreme_scale Ibm 7.1.0.2 7.1.0.2
Websphere_extreme_scale Ibm 7.1.0 7.1.0
Websphere_extreme_scale Ibm 7.1.1 7.1.1

References