IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.0 | 7.0.0.0 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 9.0.0.0 | 9.0.0.0 |
Websphere_portal | Ibm | 9.0.0.0 | 9.0.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 9.0.0.0 | 9.0.0.0 |