CSRFtoken Cookie Mishandling Vulnerability in IBM WebSphere Application Server
CVE-2016-0377 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The Administrative Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, and 8.5.x before 8.5.5.10 mishandles CSRFtoken cookies, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Learn more about our Cis Benchmark Audit For Ibm I.