IBM WebSphere Application Server Welcome Page Security Restriction Bypass Vulnerability
BID:17900
CVE-2006-2342 |Info
IBM WebSphere Application Server Welcome Page Security Restriction Bypass Vulnerability
| Bugtraq ID: | 17900 |
| Class: | Access Validation Error |
| CVE: |
CVE-2006-2342 |
| Remote: | Yes |
| Local: | No |
| Published: | May 08 2006 12:00AM |
| Updated: | Jun 27 2007 09:08PM |
| Credit: | This issue was reported by IBM. |
| Vulnerable: |
IBM Websphere Application Server 6.0.2 |
| Not Vulnerable: | |
Discussion
IBM WebSphere Application Server Welcome Page Security Restriction Bypass Vulnerability
IBM WebSphere Application Server is prone to a security restriction-bypass vulnerability. This issue is due to the application's failure to properly enforce security restrictions.
This issue allows remote attackers to gain access to the contents of potentially sensitive web pages, aiding them in further attacks.
IBM WebSphere Application Server is prone to a security restriction-bypass vulnerability. This issue is due to the application's failure to properly enforce security restrictions.
This issue allows remote attackers to gain access to the contents of potentially sensitive web pages, aiding them in further attacks.
Exploit / POC
IBM WebSphere Application Server Welcome Page Security Restriction Bypass Vulnerability
An attacker likely uses a web browser to exploit this issue.
An attacker likely uses a web browser to exploit this issue.
Solution / Fix
IBM WebSphere Application Server Welcome Page Security Restriction Bypass Vulnerability
Solution:
IBM has released fixes and an advisory to address this issue. Please see the referenced advisory for information on obtaining fixes.
Solution:
IBM has released fixes and an advisory to address this issue. Please see the referenced advisory for information on obtaining fixes.
References
IBM WebSphere Application Server Welcome Page Security Restriction Bypass Vulnerability
References:
References: