The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Websphere_application_server | Ibm | 6.1 (including) | 6.1.0.43 (excluding) |
Websphere_application_server | Ibm | 7.0 (including) | 7.0.0.21 (excluding) |
Websphere_application_server | Ibm | 8.0 (including) | 8.0.0.2 (excluding) |