exploitDog

GHSA-wxhv-5vpx-mrm3

Опубликовано: 02 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131.

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131.

Ссылки

EPSS

Процентиль: 8%

0.0003

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-384

Связанные уязвимости

CVE-2023-50941

CVSS3: 6.3

nvd

около 2 лет назад

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131.

EPSS

Процентиль: 8%

0.0003

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-384