Elevated Privilege Vulnerability in IBM WebSphere Application Server with OpenID Connect and Trust Association Interceptor

Elevated Privilege Vulnerability in IBM WebSphere Application Server with OpenID Connect and Trust Association Interceptor

CVE-2017-1151 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.

Learn more about our Cis Benchmark Audit For Ibm Websphere.