CVE-2014-6160
First published: Mon Dec 29 2014(Updated: )
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere Service Registry and Repository | =8.5 | |
| Google Chrome | ||
| Ibm Webseal |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm websphere service registry and repository
- version/ibm websphere service registry and repository/8.5
- vendor/google
- canonical/google chrome
- canonical/ibm webseal