Описание
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00036
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-613
Связанные уязвимости
CVSS3: 6.3
github
почти 2 года назад
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.
EPSS
Процентиль: 11%
0.00036
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-613