CVE-2015-1936
N/A
N/A
Summary
The administrative console in IBM WebSphere Application Server (WAS) 8.0.0 before 8.0.0.11 and 8.5 before 8.5.5.6, when the Security feature is disabled, allows remote authenticated users to hijack sessions via the JSESSIONID parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www-01.ibm.com/support/docview.wss?uid=swg21959083
- http://www.securityfocus.com/bid/75480
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI37230
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21959083
- http://www.securityfocus.com/bid/75480
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI37230
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.