IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ibm websphere Application Server Liberty
|
|
CPEs | cpe:2.3:a:ibm:websphere_application_server_liberty:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ibm websphere Application Server Liberty
|
|
Metrics |
ssvc
|
Wed, 23 Oct 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951. | IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951. |
First Time appeared |
Ibm
Ibm websphere Application Server |
|
CPEs | cpe:2.3:a:ibm:websphere_application_server:17.0.0.3:*:*:*:liberty:*:*:* cpe:2.3:a:ibm:websphere_application_server:24.0.0.3:*:*:*:liberty:*:*:* cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm websphere Application Server |
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2024-04-17T01:21:46.300Z
Updated: 2024-10-23T15:47:46.996Z
Reserved: 2024-01-08T23:42:07.732Z
Link: CVE-2024-22329
Vulnrichment
Updated: 2024-08-01T22:43:34.151Z
NVD
Status : Awaiting Analysis
Published: 2024-04-17T02:15:10.947
Modified: 2024-10-23T16:15:05.493
Link: CVE-2024-22329
Redhat
No data.