QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-0563

Back to search

CVE-2010-0563

Published: Feb 8, 2010

Modified: Sep 17, 2024

PUBLISHED

Description

The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted.

VendorProductVersions

n/a

n/a

affected
n/a

References

1023551
vdb-entry
x_refsource_SECTRACK
PM00610
vendor-advisory
x_refsource_AIXAPAR
38122
vdb-entry
x_refsource_BID
38425
third-party-advisory
x_refsource_SECUNIA
62140
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now