Vulnerabilities > CVE-2004-2558 - Unspecified vulnerability in IBM products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
Vulnerable Configurations
References
- http://secunia.com/advisories/11761
- http://secunia.com/advisories/11761
- http://www.securityfocus.com/bid/10449
- http://www.securityfocus.com/bid/10449
- http://www-1.ibm.com/support/docview.wss?uid=swg21168762
- http://www-1.ibm.com/support/docview.wss?uid=swg21168762
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16315
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16315