Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote attackers to bypass intended CSIv2 access restrictions via vectors involving Enterprise JavaBeans (EJB).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ibm websphere_application_server 授权问题漏洞
Vulnerability Description
IBM WebSphere Application Server (WAS) 6.1.0.25之前的6.1版本以及7.0.0.5之前的7.0版本中的安全组件没有正确的使用带有CSIv2Security的身份标识,这使得远程攻击者可以借助涉及Enterprise JavaBeans的向量,绕过设置的CSIv2访问限制。
CVSS Information
N/A
Vulnerability Type
N/A