CVE-2009-2746 Information

Description

Cross-site request forgery (CSRF) vulnerability in the administrative console in the Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.39 6.1 before 6.1.0.29 and 7.0 before 7.0.0.7 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

Reference

http://secunia.com/advisories/37221 http://www-01.ibm.com/support/docview.wss?uid=swg1PK87176 http://www-01.ibm.com/support/docview.wss?uid=swg1PK99477 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 https://exchange.xforce.ibmcloud.com/vulnerabilities/54227