CRLF Injection Vulnerability in IBM WebSphere Application Server (WAS)

CRLF Injection Vulnerability in IBM WebSphere Application Server (WAS)

CVE-2016-0359 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 Full before 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Learn more about our Cis Benchmark Audit For Ibm I.