Abstract
IBM has identified a serious vulnerability in IBM WebSphere Portal in an authentication component that makes it possible for remote attackers over the network to bypass normal WebSphere Portal server security. Through this attack, an intruder might be able to execute administrative commands without proper authority.
Content
Cause
The Authentication code of WebSphere Portal can be bypassed under certain circumstances and grant access to an administrative account without knowledge of the credentials of this account.
via IBM – Security Fix Required: Access problems with BasicAuthTAI in WebSphere Portal.
