Описание
The administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3 allows attackers to hijack user sessions in "specific scenarios" related to a forced logout.
The administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3 allows attackers to hijack user sessions in "specific scenarios" related to a forced logout.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-0892
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49499
- http://secunia.com/advisories/34131
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK74966
- http://www-01.ibm.com/support/docview.wss?uid=swg27007951
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463
- http://www.securityfocus.com/bid/34501
Связанные уязвимости
nvd
почти 17 лет назад
The administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3 allows attackers to hijack user sessions in "specific scenarios" related to a forced logout.