Описание
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information. IBM X-Force ID: 228565.
Ссылки
- VDB Entry
- Vendor Advisory
- VDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:security_directory_integrator:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00108
Низкий
5.3 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-613
Связанные уязвимости
CVSS3: 5.3
github
больше 1 года назад
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information. IBM X-Force ID: 228565.
EPSS
Процентиль: 29%
0.00108
Низкий
5.3 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-613