Unrated severityNVD Advisory· Published Dec 8, 2009· Updated Jun 16, 2026
CVE-2009-2749
CVE-2009-2749
Description
Feature Pack for Communications Enabled Applications (CEA) before 1.0.0.1 for IBM WebSphere Application Server 7.0.0.7 uses predictable session values, which allows man-in-the-middle attackers to spoof a collaboration session by guessing the value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:a:ibm:communications_enabled_applications:*:*:*:*:*:*:*:*Range: <=1.0
cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
- (no CPE)range: = 7.0.0.7
- Range: <1.0.0.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.