Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2001-0962

IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.

PublishedSep 19, 2001, 04:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://archives.neohapsis.com/archives/bugtraq/2001-09/0234.html
http://www.osvdb.org/5492
http://www14.software.ibm.com/webapp/download/postconfig.jsp?id=4000805&pf=Multi-Platform&v=3.0.2&e=Standard+%26+Advanced+Editions&cat=&s=p
https://exchange.xforce.ibmcloud.com/vulnerabilities/7153

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

7.5

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)