The host is running IBM WebSphere Application Server and is prone to cross-site request forgery vulnerabilities.
Successful exploitation will allow remote users to gain sensitive information and conduct other malicious activities.
Impact Level: Application
Apply the patch from the vendor: http://www-01.ibm.com/software/webservers/appserv/was/
The flaws are due to improper validation of user-supplied input in the Global Security panel and the master configuration save functionality, which allows an attacker to force a logged-in administrator to perform unwanted actions.
IBM WebSphere Application Server (WAS) 126.96.36.199 and prior.
- Codebrws.asp Source Disclosure Vulnerability
- Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
- iWeb Server URL Directory Traversal Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
- Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability