CVE-2001-0962
published 2001-09-19CVE-2001-0962: IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_application_server | <= 3.5.3 | — |
| ibm | websphere_commerce_suite | — | — |
| ibm | websphere_commerce_suite | — | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-09/0234.htmlhttp://www.osvdb.org/5492http://www14.software.ibm.com/webapp/download/postconfig.jsp?id=4000805&pf=Multi-Platform&v=3.0.2&e=Standard+%26+Advanced+Editions&cat=&s=phttps://exchange.xforce.ibmcloud.com/vulnerabilities/7153http://archives.neohapsis.com/archives/bugtraq/2001-09/0234.htmlhttp://www.osvdb.org/5492http://www14.software.ibm.com/webapp/download/postconfig.jsp?id=4000805&pf=Multi-Platform&v=3.0.2&e=Standard+%26+Advanced+Editions&cat=&s=phttps://exchange.xforce.ibmcloud.com/vulnerabilities/7153
2001-09-19
Published