exploitDog

GHSA-m7j6-fv82-q34r

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 162949.

IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 162949.

Ссылки

EPSS

Процентиль: 10%

0.00036

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-384

Связанные уязвимости

CVE-2019-4439

CVSS3: 5.3

nvd

больше 6 лет назад

IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 162949.

EPSS

Процентиль: 10%

0.00036

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-384