The host is running IBM WebSphere Application Server and is prone to a security bypass vulnerability.
Successful exploitation will let remote authenticated administrators bypass intended access restrictions.
Impact Level: Application
Upgrade to IBM WebSphere Application Server version 18.104.22.168 or later: http://www-01.ibm.com/support/docview.wss?uid=swg24028875
The flaw is due to an error in the Administrative Console component, which does not prevent modifications of the primary admin id. This allows remote authenticated administrators to bypass intended access restrictions by mapping a 'user' or 'group' to an administrator role.
IBM WebSphere Application Server versions 6.1.0.x before 22.214.171.124 and 7.x before 126.96.36.199
Updated on 2015-03-25
- IBM WebSphere Application Server JNDI information disclosure Vulnerability
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
- Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
- Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
- Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability