Access Control Vulnerability in IBM WebSphere eXtreme Scale
CVE-2015-2027

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Extreme Scale
Vendor: CVE Published:; 4 October 2015

Summary

IBM WebSphere eXtreme Scale versions 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 contain a flaw that improperly performs logout actions. This vulnerability allows remote attackers to exploit an unattended workstation, bypassing intended access restrictions and gaining unauthorized access to sensitive information and functionalities.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21966044

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Oct 4, 2015
Vulnerability Reserved
Feb 19, 2015