CRLF Injection Vulnerability in IBM WebSphere Application Server (WAS)

CRLF Injection Vulnerability in IBM WebSphere Application Server (WAS)

CVE-2015-2017 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.12, and 8.5 before 8.5.5.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Learn more about our Cis Benchmark Audit For Ibm I.