CVE-2011-1839

IBM Rational Build Forge 7.1.0 uses the HTTP GET method during redirection from the authentication servlet to a PHP script, which makes it easier for context-dependent attackers to discover session IDs by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:rational_build_forge:7.1.0:*:*:*:*:*:*:*

Information

Published : 2011-04-28 11:55

Updated : 2017-08-16 18:34


NVD link : CVE-2011-1839

Mitre link : CVE-2011-1839


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

ibm

  • rational_build_forge