exploitDog

GHSA-83mw-hrr9-5qq8

Опубликовано: 02 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.6

Описание

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.

Ссылки

EPSS

Процентиль: 37%

0.00161

Низкий

6.6 Medium

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2024-25051

CVSS3: 6.6

nvd

10 месяцев назад

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.

EPSS

Процентиль: 37%

0.00161

Низкий

6.6 Medium

CVSS3

CVE ID

Дефекты

CWE-613