The administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3 allows attackers to hijack user sessions in "specific scenarios" related to a forced logout.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-03-31T10:00:00

Updated: 2024-08-07T04:48:52.707Z

Reserved: 2009-03-14T00:00:00

Link: CVE-2009-0892

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-03-31T14:09:53.780

Modified: 2017-08-17T01:30:04.910

Link: CVE-2009-0892

cve-icon Redhat

No data.