exploitDog

GHSA-5vcx-9483-28vf

Опубликовано: 05 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 4.2

Описание

IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.

IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.

Ссылки

EPSS

Процентиль: 2%

0.00014

Низкий

4.2 Medium

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2020-4914

CVSS3: 4.2

nvd

почти 3 года назад

IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.

EPSS

Процентиль: 2%

0.00014

Низкий

4.2 Medium

CVSS3

CVE ID

Дефекты

CWE-613