CVE-2010-0774 Information

Description

The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41 6.1 before 6.1.0.31 and 7.0 before 7.0.0.11 do not properly handle WebServices PKCS7 and PKIPath tokens which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1PK96427 https://exchange.xforce.ibmcloud.com/vulnerabilities/58554