Ibm: >> Websphere Application Server >> 3.0.0.3 Security Vulnerabilities
Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others.
CVSS Score
7.5
EPSS Score
0.007
Published
2006-08-14
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
CVSS Score
7.5
EPSS Score
0.011
Published
2001-09-19
Page 6