IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rational_appscan | Ibm | 5.2 | 5.2 |
Rational_appscan | Ibm | 8.0.0 | 8.0.0 |
Rational_appscan | Ibm | 8.0.0.2 | 8.0.0.2 |
Rational_appscan | Ibm | 5.6.0 | 5.6.0 |
Rational_appscan | Ibm | 5.6.0.3 | 5.6.0.3 |
Rational_appscan | Ibm | 8.0.0.1 | 8.0.0.1 |
Rational_appscan | Ibm | 5.4 | 5.4 |
Rational_appscan | Ibm | 8.0.0.3 | 8.0.0.3 |
Rational_appscan | Ibm | 5.5.0.1 | 5.5.0.1 |
Rational_appscan | Ibm | 8.0.1 | 8.0.1 |
Rational_appscan | Ibm | 8.0.1.1 | 8.0.1.1 |
Rational_appscan | Ibm | 5.5.0.2 | 5.5.0.2 |
Rational_appscan | Ibm | 8.5.0.0 | 8.5.0.0 |
Rational_appscan | Ibm | 8.5.0 | 8.5.0 |
Rational_appscan | Ibm | 5.5.0 | 5.5.0 |