Vulnerability: Unauthorized Modification of Primary Admin ID in IBM WebSphere Application Server

Vulnerability: Unauthorized Modification of Primary Admin ID in IBM WebSphere Application Server

CVE-2011-1312 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.31 and 7.x before 7.0.0.15 does not prevent modifications of the primary admin id, which allows remote authenticated administrators to bypass intended access restrictions by mapping a (1) user or (2) group to an administrator role.

Learn more about our Cis Benchmark Audit For Ibm I.