Описание
Cross-site request forgery (CSRF) vulnerability in the administrative console in the Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Cross-site request forgery (CSRF) vulnerability in the administrative console in the Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-2746
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54227
- http://secunia.com/advisories/37221
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK87176
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK99477
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in the administrative console in the Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7 allows remote attackers to hijack the authentication of administrators via unspecified vectors.