IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication via unspecified vectors.Referenceshttp://www.ibm.com/support/docview.wss?uid=swg21595172http://www.ibm.com/support/docview.wss?uid=swg1PM52351
