CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2558

Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.5%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2004-2558

Ibm » Tivoli Access Manager For E-Business » Version: 3.9

cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:3.9
Ibm » Tivoli Access Manager For E-Business » Version: 4.1

cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:4.1
Ibm » Tivoli Access Manager For E-Business » Version: 5.1

cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:5.1
Ibm » Tivoli Access Manager Identity Manager Solution » Version: 5.1

cpe:2.3:a:ibm:tivoli_access_manager_identity_manager_solution:5.1
Ibm » Tivoli Configuration Manager » Version: 4.2

cpe:2.3:a:ibm:tivoli_configuration_manager:4.2
Ibm » Tivoli Configuration Manager For Atm » Version: 2.1

cpe:2.3:a:ibm:tivoli_configuration_manager_for_atm:2.1
Ibm » Tivoli Secureway Policy Director » Version: 3.8

cpe:2.3:a:ibm:tivoli_secureway_policy_director:3.8
Ibm » Websphere Everyplace Server » Version: 2.1.3

cpe:2.3:a:ibm:websphere_everyplace_server:2.1.3
Ibm » Websphere Everyplace Server » Version: 2.1.4

cpe:2.3:a:ibm:websphere_everyplace_server:2.1.4
Ibm » Websphere Everyplace Server » Version: 2.1.5

cpe:2.3:a:ibm:websphere_everyplace_server:2.1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2558

Products

Pricing

Contact Us