exploitDog

GHSA-46mj-7xpv-pprw

Опубликовано: 12 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 280896.

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 280896.

Ссылки

EPSS

Процентиль: 21%

0.00066

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2024-22358

CVSS3: 6.3

nvd

почти 2 года назад

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 280896.

EPSS

Процентиль: 21%

0.00066

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-613