← volver
CVE-2022-38382

IBM Cloud Pak for Security session fixation

CVSS 4.7 MEDIUMEPSS 0.3%CWE-613
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information. IBM X-Force ID: 233672.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Productos afectados
IBM · Cloud Pak for SecurityIBM · QRadar Suite Software

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://exchange.xforce.ibmcloud.com/vulnerabilities/233672https://www.ibm.com/support/pages/node/7165286