Описание
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532."
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:lts:*:*:*
cpe:2.3:a:ibm:mq_appliance:9.3.0.0:*:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:mq_appliance:9.3.0.0:*:*:*:lts:*:*:*
EPSS
Процентиль: 52%
0.00291
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-613
CWE-613
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532."
EPSS
Процентиль: 52%
0.00291
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-613
CWE-613