IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administrator (aka ESAdmin) cookies, which might allow remote malicious users to bypass authentication by leveraging access to other pages on the web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm omnifind 9.0 |
||
ibm omnifind 9.1 |
||
ibm omnifind 8.4 |
||
ibm omnifind 8.5 |
||
ibm omnifind 8.0 |