IBM WebSphere Application Server (WAS) 6.1 up to and including 6.1.0.24 and 7.0 up to and including 7.0.0.4, IBM WebSphere Portal Server 5.1 up to and including 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager (WMM) to Virtual Member Manager (VMM) and a Federated Repository, which allows malicious users to obtain sensitive information from repositories via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server |
||
ibm websphere portal |
||
ibm integrated solutions console 6.0.1 |