IBM WebSphere Host On-Demand authentication bypass

2006-12-1100:00:00

BUGTRAQ

vulners.com

Some URLs allow access without authentication.

CPENameOperatorVersion
websphere host on-demandeq6.0
websphere host on-demandeq7.0
websphere host on-demandeq8.0
websphere host on-demandeq9.0

Name	Operator	Version
websphere host on-demand	eq	6.0
websphere host on-demand	eq	7.0
websphere host on-demand	eq	8.0
websphere host on-demand	eq	9.0

References

vulners.com/securityvulns/securityvulns:doc:15366