Session Token Vulnerability in IBM Lotus Domino Web Access
CVE-2006-4763

Currently unrated

Key Information:

Vendor

IBM
Status
Lotus Domino Web Access
Vendor
CVE Published:
13 September 2006

What is CVE-2006-4763?

IBM Lotus Domino Web Access 7.0.1 contains a vulnerability whereby the Lightweight Third-Party Authentication token (LtpaToken) remains valid even after the user logs out. This flaw allows remote attackers to intercept the LtpaToken cookie, potentially granting them unauthorized access to user privileges. The lack of token expiration upon logout poses serious risks to user security and session management, making it essential for organizations to address this vulnerability promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/28881
vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/445821/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://lists.grok.org.uk/pipermail/full-disclosure/2006-S...
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.