Security Advisory

CVE-2013-0540

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-04-24 10:00:00

Last updated 2024-08-06 14:33:05

Assigner ibm

State PUBLISHED

Description

IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not enabled, does not properly validate authentication cookies, which allows remote authenticated users to bypass intended access restrictions via an HTTP session.

← Browse all CVEs View on cve.org ↗