CVE-2001-0962 Information

Description

IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies which allows remote attackers to gain privileges of WebSphere users via brute force guessing.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-09/0234.html http://www.osvdb.org/5492 http://www14.software.ibm.com/webapp/download/postconfig.jsp?id=4000805&pf=Multi-Platform&v=3.0.2&e=Standard+26+Advanced+Editions&cat=&s=p https://exchange.xforce.ibmcloud.com/vulnerabilities/7153