← CVECheck
HomeVulnerabilities

CVE-2001-0962 — HIGH severity vulnerability (IBM WebSphere Application Server 3.02 through 3.53 uses pred)

IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.

CVE IDCVE-2001-0962
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-09-19
Last modified2026-04-16
DescriptionIBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →