CVE

CVE-2016-0377 (websphere_application_server)

admin

CVE-2016-0377 (websphere_application_server)

The Administrative Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, and 8.5.x before 8.5.5.10 mishandles CSRFtoken cookies, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

Source: CVE-2016-0377 (websphere_application_server)

Exit mobile version