SSL Server Hostname Spoofing Vulnerability in IBM WebSphere Application Server with Ajax Proxy Web Application
CVE-2022-22365 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904.
Learn more about our Cis Benchmark Audit For Ibm Websphere.