Medium Severity

Security Bulletin: IBM WebSphere Application Server is vulnerable to Spoofing (CVE-2022-22365)

Share this post:

IBM WebSphere Application Server is vulnerable to spoofing when the Ajax Proxy Web Application (AjaxProxy.war) is deployed. This has been addressed.

CVE(s): CVE-2022-22365

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM WebSphere Application Server 9.0
IBM WebSphere Application Server 8.5
IBM WebSphere Application Server 8.0
IBM WebSphere Application Server 7.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6587947
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/220904

More stories

Security Bulletin: IBM InfoSphere Information Server Low Level Authenticated User Can View Higher Level User And Group Listing (CVE-2022-36772)

October 6, 2022 | Medium Severity

A vulnerability in IBM InfoSphere Information Server allowed lower level authenticated user to view other users and groups list. The scope of the vulnerability was limited in nature. The flaw gave such users VIEW access only. This vulnerabity was addressed. ...read more


Security Bulletin: IBM has announced a release for IBM Security Verify Governance in response to a security vulnerability (CVE-2022-21824)

October 6, 2022 | Medium Severity

IBM has announced a release for IBM Security Verify Governance (ISVG) in response to security vulnerability. The vulnerability is caused by Node.js which could provide weaker than expected security, caused by an error related to the formatting logic of the console.table() function. ...read more


Security Bulletin: IBM InfoSphere Information Server is affected by a session management vulnerability (CVE-2022-41291)

October 6, 2022 | Medium Severity

IBM InfoSphere Information Server is affected by a session management vulnerability. ...read more