CSRFtoken Cookie Mishandling Vulnerability in IBM WebSphere Application Server

CVE-2016-0377 · MEDIUM Severity

CVSS v2 vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

The Administrative Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, and 8.5.x before 8.5.5.10 mishandles CSRFtoken cookies, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
