Vulnerability: Unauthorized Modification of Primary Admin ID in IBM WebSphere Application Server
CVE-2011-1312 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:N
The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.31 and 7.x before 7.0.0.15 does not prevent modifications of the primary admin id, which allows remote authenticated administrators to bypass intended access restrictions by mapping a (1) user or (2) group to an administrator role.
Learn more about our Cis Benchmark Audit For Ibm I.