CVE-2011-1311

by Fred · 08/03/2011

The Security component in IBM WebSphere Application Server (WAS) before 7.0.0.15, when a J2EE 1.4 application is used, determines the security role mapping on the basis of the ibm-application-bnd.xml file instead of the intended ibm-application-bnd.xmi file, which might allow remote authenticated users to gain privileges in opportunistic circumstances by requesting a service.

Date published : 2011-03-08

http://www-01.ibm.com/support/docview.wss?uid=swg1PM25455

http://www-01.ibm.com/support/docview.wss?uid=swg27014463

CVE-2011-1311

Similar

Recent Posts

Categories

CVE-2011-1311

Share this:

Similar

Recent Posts

Categories

Tags