exploitDog

GHSA-5765-9mm7-gg46

Опубликовано: 03 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938.

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938.

Ссылки

EPSS

Процентиль: 11%

0.00036

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2023-40695

CVSS3: 6.3

nvd

почти 2 года назад

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938.

EPSS

Процентиль: 11%

0.00036

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-613