• info
• discussion
• exploit
• solution
• references

Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability

Apache Geronimo is prone to an authentication-bypass vulnerability that occurs in SQLLoginModule.

An attacker can exploit this vulnerability to access the affected application; other attacks are also possible.

This issue affects Apache Geronimo 2.1, 2.0, 2.0.1, 2.0.2.

IBM WebSphere Application Server Community Edition 2.0.0.0 is vulnerable as well because it uses the affected component.