CVE-2017-1151

Summary

IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationWebSphere Application Server8.0affected
IBM CorporationWebSphere Application Server8.5affected
IBM CorporationWebSphere Application Server8.5.5affected
IBM CorporationWebSphere Application Server9.0affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References