ГлавнаяУязвимости → CVE-2026-8646
7.4высокая

CVE-2026-8646

Описание

IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security controls, spoof identity, escalate privilege, and expose sensitive information.

Затрагиваемое ПО
Ibm Websphere application serverApple MacosIbm AixIbm IIbm Z\/osLinux Linux kernelMicrosoft Windows
CVSS
Балл7.4 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://www.ibm.com/support/pages/node/7276579