CVE-2021-39031

State: PUBLISHED · Published: 2022-01-25 · Updated: 2024-09-16 · Assigner: ibm

Description

IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 213875.

CWE

(none)

Affected

IBM / WebSphere Application Server Liberty — v=17.0.0.3 [affected]; v=22.0.0.1 [affected]

CVSS

3.0 score=7.5 severity=HIGH CVSS:3.0/C:H/I:H/AC:H/S:U/AV:N/PR:L/A:H/UI:N/RC:C/E:U/RL:O

References

https://www.ibm.com/support/pages/node/6550488 x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/213875 vdb-entry, x_refsource_XF

Source

cvelistV5-main/cves/2021/39xxx/CVE-2021-39031.json