IBMBC818906051662B22FBE540656A7C116AD5EBE58991DEFAD776E3A545EE80076Security Bulletin: IBM WebSphere Application Server - Liberty improper session validation vulnerability affects IBM Control Center (CVE-2019-4304)
EPSS
Percentile
44.3%
Summary
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation.
Vulnerability Details
CVEID:CVE-2019-4304
**DESCRIPTION:**IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/160950 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
Affected Products and Versions
Affected Product(s)
|
Version(s)
β|β
IBM Control Center
|
6.0.0.0 through 6.0.0.2 iFix08
IBM Control Center
|
6.1.0.0 through 6.1.2.1 iFix01
Remediation/Fixes
Product
|
VRMF
|
iFix
|
Remediation
β|β|β|β
IBM Control Center
|
6.0.0.2
|
iFix09
|
IBM Control Center
|
6.1.2.1
|
iFix02
|
Workarounds and Mitigations
None
Related
EPSS
Percentile
44.3%