exploitDog

GHSA-fp3q-9278-8ppc

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789.

IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789.

Ссылки

EPSS

Процентиль: 30%

0.00114

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2020-4696

CVSS3: 4.3

nvd

около 5 лет назад

IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789.

EPSS

Процентиль: 30%

0.00114

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-613