cbcvebase.
CVE-2004-2558
published 2004-12-31

CVE-2004-2558: Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1…

PriorityP426high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.55%
72.0th percentile
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."

Affected

10 ranges
VendorProductVersion rangeFixed in
ibmtivoli_access_manager_for_e-business
ibmtivoli_access_manager_for_e-business
ibmtivoli_access_manager_for_e-business
ibmtivoli_access_manager_identity_manager_solution
ibmtivoli_configuration_manager
ibmtivoli_configuration_manager_for_atm
ibmtivoli_secureway_policy_director
ibmwebsphere_everyplace_server
ibmwebsphere_everyplace_server
ibmwebsphere_everyplace_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.