SecuritySpace - CVE-2013-0540

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-0540

Description: IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not enabled, does not properly validate authentication cookies, which allows remote authenticated users to bypass intended access restrictions via an HTTP session.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-0540
AIX APAR: PM81056
http://www-01.ibm.com/support/docview.wss?uid=swg1PM81056
XForce ISS Database: was-ssl-sec-bypass(82695)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82695

CVE ID:	CVE-2013-0540
Description:	IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not enabled, does not properly validate authentication cookies, which allows remote authenticated users to bypass intended access restrictions via an HTTP session.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0540 AIX APAR: PM81056 http://www-01.ibm.com/support/docview.wss?uid=swg1PM81056 XForce ISS Database: was-ssl-sec-bypass(82695) https://exchange.xforce.ibmcloud.com/vulnerabilities/82695