2 matches found
IBM WebSphere Portal Security Bypass Vulnerability (CVE-2018-1420)
The version of IBM WebSphere Portal installed on the remote Windows host is affected by a security bypass vulnerability due to improper validaiton of user context during impersionation senarios. An authenticated, remote attacker can exploit this, to perform actions in the user or administrator...
CVE-2018-1420
CVE-2018-1420 affects IBM WebSphere Portal versions 7.0, 8.0, 8.5, and 9.0. The root cause is improper validation during user impersonation that resets access control to the out-of-the-box configuration during Combined Cumulative Fix (CF) installation, creating a security bypass risk. In connecte...