Ãë¾àÁ¡ID |
22788 |
À§Çèµµ |
30 |
Æ÷Æ® |
8880, ... |
ÇÁ·ÎÅäÄÝ |
TCP |
ºÐ·ù |
WWW |
»ó¼¼¼³¸í |
ÇØ´ç ½Ã½ºÅÛ¿¡´Â IBM WebSphere Application Server(8.5.x)ÀÇ 8.5.5.12 ÀÌÀü ¹öÀüÀÌ ¼³Ä¡µÇ¾î ÀÖ´Ù. ÇØ´ç ¹öÀüÀÇ OAuth ¼ºñ½º Á¦°øÀÚ¿¡´Â ƯÁ¤ÇÑ ¹Î°¨ ÇൿÀ» ¼öÇàÇÒ ¶§ ´Ù¼öÀÇ ´Ü°è, ¸í½ÃÀû È®ÀÎ ¶Ç´Â °íÀ¯ÇÑ ÅäÅ«À» ¿ä±¸ÇÏ´Â °ÍÀÇ ½ÇÆзΠÀÎÇÑ, cross-site request forgery (XSRF) Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. ¹Ì ÀÎÁõµÈ ¿ø°Ý °ø°ÝÀÚ´Â »ç¿ëÀÚ¸¦ Ư¼ö Á¦ÀÛµÈ ¸µÅ©·Î µû¶ó¿Àµµ·Ï ¼Ó¿©¼, ÀǵµµÇÁö ¾ÊÀº ÇൿÀ» ¼öÇàÇϵµ·Ï ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÒ ¼ö ÀÖ´Ù.
* ÂüÁ¶»çÀÌÆ® : http://www-01.ibm.com/support/docview.wss?uid=swg22001226 |
ÇØ°áÃ¥ |
'IBM Support & downloads' À¥ »çÀÌÆ®ÀÎ http://www-01.ibm.com/support/docview.wss?uid=swg22001226¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â IBM WebSphere Application ¼¹öÀÇ °¡Àå ÃֽŠ¹öÀü 8.5.5.12 ȤÀº ÀÌÈÄ·Î ¾÷±×·¹À̵å ÇØ¾ß ÇÑ´Ù. |
°ü·Ã URL |
CVE-2017-1194 (CVE) |
°ü·Ã URL |
98142 (SecurityFocus) |
°ü·Ã URL |
(ISS) |
|