Vulnerability in Ibm Websphere_extreme_scale
CVE-2015-2028
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
EPSS: 0.012 (64.5th percentile) — read the EPSS interpretation.
Affected products
- Ibm Websphere_extreme_scale — versions 7.1.0, 7.1.0.2, 7.1.1
- N/a — versions n/a
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (vendor-advisory, Patch, Vendor Advisory, x_refsource_AIXAPAR)
- psirt@us.ibm.com (vendor-advisory, Patch, Vendor Advisory, x_refsource_AIXAPAR)