IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password.
CPE | Name | Operator | Version |
---|---|---|---|
websphere_application_server | eq | 6.1.0.9 |