AI Score
Confidence
Low
EPSS
Percentile
61.4%
IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administrator (aka ESAdmin) cookies, which might allow remote attackers to bypass authentication by leveraging access to other pages on the web site.
security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt
www.securityfocus.com/archive/1/514688/100/0/threaded
www.securityfocus.com/bid/44740
www.vupen.com/english/advisories/2010/2933