VDB
CNVD-2021-30589
CNVD-2021-30589
PUBLISHED
IBM WebSphere Application Server(WAS)是美国IBM公司的一款应用服务器产品。该产品是JavaEE和Web服务应用程序的平台,也是IBMWebSphere软件平台的基础。 IBM WebSphere Application Server 7.0、8.0、8.5、9.0版本存在XML外部实体注入漏洞,远程攻击者可利用该漏洞泄露敏感信息或消耗内存资源。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM IBM WebSphere Application Server 9.0 | ||
| IBM IBM WebSphere Application Server 7.0 | ||
| IBM IBM WebSphere Application Server 8.5 | ||
| IBM IBM WebSphere Application Server 8.0 |
Timeline
- Apr 22, 2021 CVE ID Reserved
- Apr 25, 2021 CVE Published