CVE-2008-4283

CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_application_server
𝑥
≤ 5.1.1.19
ibmwebsphere_application_server
5.0
ibmwebsphere_application_server
5.0
ibmwebsphere_application_server
5.0.0
ibmwebsphere_application_server
5.0.1
ibmwebsphere_application_server
5.0.2
ibmwebsphere_application_server
5.0.2.1
ibmwebsphere_application_server
5.0.2.2
ibmwebsphere_application_server
5.0.2.3
ibmwebsphere_application_server
5.0.2.4
ibmwebsphere_application_server
5.0.2.5
ibmwebsphere_application_server
5.0.2.6
ibmwebsphere_application_server
5.0.2.7
ibmwebsphere_application_server
5.0.2.8
ibmwebsphere_application_server
5.0.2.9
ibmwebsphere_application_server
5.0.2.10
ibmwebsphere_application_server
5.0.2.11
ibmwebsphere_application_server
5.0.2.12
ibmwebsphere_application_server
5.0.2.13
ibmwebsphere_application_server
5.0.2.14
ibmwebsphere_application_server
5.0.2.15
ibmwebsphere_application_server
5.0.2.16
ibmwebsphere_application_server
5.1.0
ibmwebsphere_application_server
5.1.0.2
ibmwebsphere_application_server
5.1.0.3
ibmwebsphere_application_server
5.1.0.4
ibmwebsphere_application_server
5.1.0.5
ibmwebsphere_application_server
5.1.1
ibmwebsphere_application_server
5.1.1.1
ibmwebsphere_application_server
5.1.1.2
ibmwebsphere_application_server
5.1.1.3
ibmwebsphere_application_server
5.1.1.4
ibmwebsphere_application_server
5.1.1.5
ibmwebsphere_application_server
5.1.1.6
ibmwebsphere_application_server
5.1.1.7
ibmwebsphere_application_server
5.1.1.8
ibmwebsphere_application_server
5.1.1.9
ibmwebsphere_application_server
5.1.1.10
ibmwebsphere_application_server
5.1.1.11
ibmwebsphere_application_server
5.1.1.12
ibmwebsphere_application_server
5.1.1.13
ibmwebsphere_application_server
5.1.1.14
ibmwebsphere_application_server
5.1.1.15
ibmwebsphere_application_server
5.1.1.16
ibmwebsphere_application_server
5.1.1.17
ibmwebsphere_application_server
5.1.1.18
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-1.ibm.com/support/docview.wss?uid=isg1SE35864
http://www-1.ibm.com/support/docview.wss?uid=swg1PK69929
http://www.securityfocus.com/bid/33700
https://exchange.xforce.ibmcloud.com/vulnerabilities/47199
http://www-1.ibm.com/support/docview.wss?uid=isg1SE35864
http://www-1.ibm.com/support/docview.wss?uid=swg1PK69929
http://www.securityfocus.com/bid/33700
https://exchange.xforce.ibmcloud.com/vulnerabilities/47199