| Ãë¾àÁ¡ID |
22787 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
8880, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WWW |
| »ó¼¼¼³¸í |
ÇØ´ç ½Ã½ºÅÛ¿¡´Â IBM WebSphere Application Server(8.0.x)ÀÇ 8.0.0.14 ÀÌÀü ¹öÀüÀÌ ¼³Ä¡µÇ¾î ÀÖ´Ù.
ÇØ´ç ¹öÀüÀÇ OAuth ¼ºñ½º Á¦°øÀÚ¿¡´Â ƯÁ¤ÇÑ ¹Î°¨ ÇൿÀ» ¼öÇàÇÒ ¶§ ´Ù¼öÀÇ ´Ü°è, ¸í½ÃÀû È®ÀÎ ¶Ç´Â °íÀ¯ÇÑ ÅäÅ«À» ¿ä±¸ÇÏ´Â °ÍÀÇ ½ÇÆзΠÀÎÇÑ, cross-site request forgery (XSRF) Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. ¹Ì ÀÎÁõµÈ ¿ø°Ý °ø°ÝÀÚ´Â »ç¿ëÀÚ¸¦ Ư¼ö Á¦ÀÛµÈ ¸µÅ©·Î µû¶ó¿Àµµ·Ï ¼Ó¿©¼, ÀǵµµÇÁö ¾ÊÀº ÇൿÀ» ¼öÇàÇϵµ·Ï ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÒ ¼ö ÀÖ´Ù.
* ÂüÁ¶»çÀÌÆ® :
http://www-01.ibm.com/support/docview.wss?uid=swg22001226 |
| ÇØ°áÃ¥ |
'IBM Support & downloads' À¥ »çÀÌÆ®ÀÎ http://www-01.ibm.com/support/docview.wss?uid=swg22001226¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â IBM WebSphere Application ¼¹öÀÇ °¡Àå ÃֽŠ¹öÀü 8.0.0.14 ȤÀº ÀÌÈÄ·Î ¾÷±×·¹À̵å ÇØ¾ß ÇÑ´Ù. |
| °ü·Ã URL |
CVE-2017-1194 (CVE) |
| °ü·Ã URL |
98142 (SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
