OSVDB ID: 85733

Title: IBM WebSphere Application Server (WAS) Unspecified Remote Session Hijacking

Info

Disclosure

Sep 24, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Sep 24, 2012

Description

IBM WebSphere Application Server (WAS) contains an unspecified flaw that may allow a remote attacker to hijack web sessions. No further details have been provided.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 6.1.0.45, 7.0.0.25, 8.0.0.5, or 8.5.0.1 or higher, as it has been reported to fix this vulnerability. In addition, IBM has released a patch for some older versions.

Products

IBM Corporation

WebSphere Application Server

8.5
8
7
6.1

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/85733