This security bulletin contains one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to execute identity spoofing attacks.
The vulnerability exists due to an unspecified error in IBM WebSphere Application Server Liberty. A remote authenticated user can send a specially crafted request to perform identity spoofing attacks.Mitigation
Install update from vendor's website.Vulnerable software versions
Engineering Lifecycle Management: 7.0.1 - 7.0.2CPE2.3
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?