CVE-2021-27748 Scanner

IBM WebSphere HCL Digital Experience is a platform used to create and manage web content, applications, and customer experiences. It is designed to help businesses connect with their clients and employees in a personalized, engaging, and secure way. The platform is widely used by organizations of all sizes and industries, including banks, governments, healthcare providers, and retailers.

Recently, a security vulnerability has been detected in IBM WebSphere HCL Digital Experience, known as CVE-2021-27748. This vulnerability is a type of server-side request forgery that can be exploited to steal sensitive data, take control of the application, or launch attacks against other systems. It affects on-premise deployments and containers of version 9.5 and 9.0 of the platform.

If this vulnerability is exploited, it can lead to severe consequences for businesses, including data breaches, financial losses, reputational damage, and legal liabilities. Attackers can use the vulnerability to trick the application into sending arbitrary requests to internal systems or external web services, leading to unauthorized access, data leakage, or denial of service.

Thanks to the pro features of the securityforeveryone.com platform, businesses and IT professionals can easily and quickly learn about vulnerabilities in their digital assets, including IBM WebSphere HCL Digital Experience. The platform provides timely and accurate information about the latest security threats, vulnerabilities, and patches, as well as actionable insights and recommendations to improve the overall security posture. With securityforeveryone.com, businesses can stay ahead of cyber threats and protect their customers, employees, and assets.

REFERENCES

• https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
• https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27748