exploitDog

GHSA-w37x-68hw-2gcg

Опубликовано: 11 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.

Ссылки

EPSS

Процентиль: 27%

0.00097

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-384

Связанные уязвимости

CVE-2022-34334

CVSS3: 6.5

nvd

больше 3 лет назад

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.

EPSS

Процентиль: 27%

0.00097

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-384