CVE-2012-3325 Information

Description

IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45 7.0.x before 7.0.0.25 8.0.x before 8.0.0.5 and 8.5.x Full Profile before 8.5.0.1 when the PM44303 fix is installed does not properly validate credentials which allows remote authenticated users to obtain administrative access via unspecified vectors.

Reference

http://secunia.com/advisories/54971 http://secunia.com/advisories/55115 http://www.ibm.com/support/docview.wss?uid=swg21609067 http://www.securityfocus.com/bid/55309 http://www.securitytracker.com/id?1027462 http://www-01.ibm.com/support/docview.wss?uid=swg1PM71296 https://exchange.xforce.ibmcloud.com/vulnerabilities/77959