IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation.
CVEID:CVE-2019-4304
**DESCRIPTION:**IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/160950 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
Affected Product(s)
|
Version(s)
β|β
IBM Control Center
|
6.0.0.0 through 6.0.0.2 iFix08
IBM Control Center
|
6.1.0.0 through 6.1.2.1 iFix01
Product
|
VRMF
|
iFix
|
Remediation
β|β|β|β
IBM Control Center
|
6.0.0.2
|
iFix09
|
IBM Control Center
|
6.1.2.1
|
iFix02
|
None