This security bulletin contains one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to execute identity spoofing attacks.
The vulnerability exists due to an unspecified error in IBM WebSphere Application Server Liberty. A remote authenticated user can send a specially crafted request to perform identity spoofing attacks.Mitigation
Install update from vendor's website.Vulnerable software versions
Liberty for Java for IBM Cloud: 3.69-20220426-1537 - 3.71-20220621-1017
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?