IBM Rational AppScan Enterprise 5.x and 8.x prior to 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm rational appscan 5.2 |
||
ibm rational appscan 5.4 |
||
ibm rational appscan 8.0.0.2 |
||
ibm rational appscan 8.0.0.3 |
||
ibm rational appscan 5.5.0.1 |
||
ibm rational appscan 5.5.0.2 |
||
ibm rational appscan 8.0.0 |
||
ibm rational appscan 8.0.1 |
||
ibm rational appscan 5.6.0 |
||
ibm rational appscan 8.0.0.1 |
||
ibm rational appscan 8.5.0.0 |
||
ibm rational appscan 5.5.0 |
||
ibm rational appscan 5.6.0.3 |
||
ibm rational appscan 8.0.1.1 |
||
ibm rational appscan 8.5.0 |
Vulmon