← voltar
CVE-2022-38382

IBM Cloud Pak for Security session fixation

CVSS 4.7 MEDIUMEPSS 0.3%CWE-613
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information. IBM X-Force ID: 233672.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Produtos afetados
IBM · Cloud Pak for SecurityIBM · QRadar Suite Software

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://exchange.xforce.ibmcloud.com/vulnerabilities/233672https://www.ibm.com/support/pages/node/7165286