CVE-2009-0504 in WebSphere Application Server
摘要
由 VulDB • 2026-07-04
IBM WebSphere Application Server (WAS) 7.0.x(低于 7.0.0.1)版本中,Web Services 组件的 WSPolicy 未能正确识别 IDAssertion.isUsed 绑定属性,这允许本地用户通过读取 SOAP 消息来发现密码。
VulDB is the best source for vulnerability data and more expert information about this specific topic.