IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administrator (aka ESAdmin) cookies, which might allow remote attackers to bypass authentication by leveraging access to other pages on the web site.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-11-12T21:00:00
Updated: 2018-10-10T18:57:01
Reserved: 2010-10-12T00:00:00
Link: CVE-2010-3898
JSON object: View
NVD Information
Status : Modified
Published: 2010-11-12T22:00:02.377
Modified: 2018-10-10T20:06:01.187
Link: CVE-2010-3898
JSON object: View
Redhat Information
No data.
CWE