Summary
The host is running IBM WebSphere Application Server and is prone to security bypass vulnerability.
Impact
Successful exploitation will let remote authenticated administrators to bypass intended access restrictions.
Impact Level: Application
Solution
Upgrade to IBM WebSphere Application Server version 7.0.0.15 or later, http://www-01.ibm.com/support/docview.wss?uid=swg24028875
Insight
The flaw is due to an error in Administrative Console component which does not prevent modifications of the primary admin id, allows remote authenticated administrators to bypass intended access restrictions by mapping a 'user' or 'group' to an administrator role.
Affected
IBM WebSphere Application Server versions 6.1.0.x before 6.1.0.31 and 7.x before 7.0.0.15
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-1312 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:P/A:N
Related Vulnerabilities