IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows allows remote attackers to bypass "Authorization checking" and obtain sensitive information from JSP pages via a crafted request. NOTE: this is probably a duplicate of CVE-2008-5412.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2009-02-10 14:30
Updated : 2017-08-07 18:33
NVD link : CVE-2009-0438
Mitre link : CVE-2009-0438
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
microsoft
- windows
ibm
- websphere_application_server