Vulnerability Description
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Access Manager For E-Business | 3.9 |
| Ibm | Tivoli Access Manager Identity Manager Solution | 5.1 |
| Ibm | Tivoli Configuration Manager | 4.2 |
| Ibm | Tivoli Configuration Manager For Atm | 2.1 |
| Ibm | Tivoli Secureway Policy Director | 3.8 |
| Ibm | Websphere Everyplace Server | 2.1.3 |
References
- http://secunia.com/advisories/11761Vendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg21168762PatchVendor Advisory
- http://www.securityfocus.com/bid/10449Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16315
- http://secunia.com/advisories/11761Vendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg21168762PatchVendor Advisory
- http://www.securityfocus.com/bid/10449Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16315
FAQ
What is CVE-2004-2558?
CVE-2004-2558 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration ...
How severe is CVE-2004-2558?
CVE-2004-2558 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2558?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Access Manager For E-Business, Ibm Tivoli Access Manager Identity Manager Solution, Ibm Tivoli Configuration Manager, Ibm Tivoli Configuration Manager For Atm, Ibm Tivoli Secureway Policy Director.