The host is running IBM WebSphere Application Server and is prone to security bypass vulnerability.
Successful exploitation will let remote authenticated administrators to bypass intended access restrictions. Impact Level: Application
Upgrade to IBM WebSphere Application Server version 18.104.22.168 or later, http://www-01.ibm.com/support/docview.wss?uid=swg24028875
The flaw is due to an error in Administrative Console component which does not prevent modifications of the primary admin id, allows remote authenticated administrators to bypass intended access restrictions by mapping a 'user' or 'group' to an administrator role.
IBM WebSphere Application Server versions 6.1.0.x before 22.214.171.124 and 7.x before 126.96.36.199
Updated on 2015-03-25
- IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability
- IBM WebSphere Application Server Hash Collisions DOS Vulnerability
- Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
- Check for dangerous IIS default files
- CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities