CVE Daily

CVE-2014-6160

IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Ch...

Low CVSS 2.1

Overview

IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

CWE: CWE-264 Published: 2014-12-29T02:59:01.363
Risk analysis

This vulnerability is rated 🟢 LOW.

  • CVSS: 2.1 (LOW)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags