← Voltar para CVEs
CVE-2018-1962
N/ADescricao
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed. The lack of proper session termination may allow attackers with local access to login into a closed browser session. IBM X-Force ID: 153658.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado2/4/2019
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
ibm:security_identity_manager
Fraquezas (CWE)
CWE-384
Referencias
http://www.ibm.com/support/docview.wss?uid=ibm10796380(psirt@us.ibm.com)
http://www.securityfocus.com/bid/106854(psirt@us.ibm.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/153658(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=ibm10796380(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/106854(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/153658(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.