IBM WebSphere Application Server Vulnerable to Identity Spoofing
CVE-2024-37532
8.8HIGH
Summary
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. IBM X-Force ID: 294721.
Affected Version(s)
WebSphere Application Server = 8.5, 9.0
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database