CVE-2022-39161 Information

Description

IBM WebSphere Application Server 7.0 8.0 8.5 9.0 and IBM WebSphere Application Server Liberty when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 235069.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/235069 https://https://www.ibm.com/support/pages/node/6987779