CVE-2011-1320
MEDIUM
6.8
CVSS Severity Score
Vulnerability Description
The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli Integrated Portal / embedded WebSphere Application Server (TIP/eWAS) framework is used, does not properly delete AuthCache entries upon a logout, which might allow remote attackers to access the server by leveraging an unattended workstation.
Affected Platforms (CPE)
📦
Ibm
Websphere Application Server
= 6.1.0📦
Ibm
Websphere Application Server
= 6.1.0.0📦
Ibm
Websphere Application Server
= 6.1.0.1📦
Ibm
Websphere Application Server
= 6.1.0.2📦
Ibm
Websphere Application Server
= 6.1.0.3📦
Ibm
Websphere Application Server
= 6.1.0.5📦
Ibm
Websphere Application Server
= 6.1.0.7📦
Ibm
Websphere Application Server
= 6.1.0.9📦
Ibm
Websphere Application Server
= 6.1.0.11📦
Ibm
Websphere Application Server
= 6.1.0.12📦
Ibm
Websphere Application Server
= 6.1.0.15📦
Ibm
Websphere Application Server
= 6.1.0.17📦
Ibm
Websphere Application Server
= 6.1.0.19📦
Ibm
Websphere Application Server
= 6.1.0.21📦
Ibm
Websphere Application Server
= 6.1.0.23📦
Ibm
Websphere Application Server
= 6.1.0.25📦
Ibm
Websphere Application Server
= 6.1.0.27📦
Ibm
Websphere Application Server
= 6.1.0.29📦
Ibm
Websphere Application Server
= 6.1.0.31📦
Ibm
Websphere Application Server
= 6.1.0.33📦
Ibm
Websphere Application Server
= 7.0📦
Ibm
Websphere Application Server
= 7.0.0.1📦
Ibm
Websphere Application Server
= 7.0.0.2📦
Ibm
Websphere Application Server
= 7.0.0.3📦
Ibm
Websphere Application Server
= 7.0.0.4📦
Ibm
Websphere Application Server
= 7.0.0.5📦
Ibm
Websphere Application Server
= 7.0.0.6📦
Ibm
Websphere Application Server
= 7.0.0.7📦
Ibm
Websphere Application Server
= 7.0.0.8📦
Ibm
Websphere Application Server
= 7.0.0.9📦
Ibm
Websphere Application Server
= 7.0.0.11📦
Ibm