The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HIBM Websphere Application Server
APPIbm6.1 – 6.1.0.43 (bez)7.0 – 7.0.0.21 (bez)8.0 – 8.0.0.2 (bez)
Powiązane podatności
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and m...
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin...
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin...
IBM WebSphere Application Server — podatność na identity spoofing
RCE w IBM WebSphere Application Server — ominięcie zabezpieczeń