Back to search
CVE-2011-4889
Published: Feb 8, 2018
Modified: Aug 7, 2024
PUBLISHED
Description
The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www-304.ibm.com/support/docview.wss?uid=swg21587015
x_refsource_CONFIRM
was-vmm-weak-security(72581)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now