SecuritySpace - CVE-2013-5414

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-5414

Description: The migration functionality in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 does not properly support the distinction between the admin role and the adminsecmanager role, which allows remote authenticated users to gain privileges in opportunistic circumstances by accessing resources in between a migration and a role evaluation.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-5414
AIX APAR: PM92313
http://www-01.ibm.com/support/docview.wss?uid=swg1PM92313
XForce ISS Database: was-cve20135414-role-migration(87476)
https://exchange.xforce.ibmcloud.com/vulnerabilities/87476

CVE ID:	CVE-2013-5414
Description:	The migration functionality in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 does not properly support the distinction between the admin role and the adminsecmanager role, which allows remote authenticated users to gain privileges in opportunistic circumstances by accessing resources in between a migration and a role evaluation.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5414 AIX APAR: PM92313 http://www-01.ibm.com/support/docview.wss?uid=swg1PM92313 XForce ISS Database: was-cve20135414-role-migration(87476) https://exchange.xforce.ibmcloud.com/vulnerabilities/87476