Описание
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.5:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:webseal:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00152
Низкий
2.1 Low
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
EPSS
Процентиль: 36%
0.00152
Низкий
2.1 Low
CVSS2
Дефекты
CWE-264