Back to search
CVE-2013-0482
Published: May 29, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 through 8.5.0.2 and WebSphere Message Broker 6.1, 7.0 through 7.0.0.5, and 8.0 through 8.0.0.2, when WS-Security is used, allows remote attackers to spoof the signatures of messages via a crafted SOAP message, related to a "Signature Wrap attack," a different vulnerability than CVE-2011-1377 and CVE-2013-0489.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
PM76582
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21635474
x_refsource_CONFIRM
IC88185
vendor-advisory
x_refsource_AIXAPAR
PM86026
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21634646
x_refsource_CONFIRM
was-wssecurity-spoofing(81548)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now