The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.43, 7.0 prior to 7.0.0.21, and 8.0 prior to 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote malicious users to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server |