Session Token Exposure in IBM Records Manager
CVE-2010-3319

Currently unrated

Key Information:

Vendor: IBM
Status: Filenet Content Manager
Vendor: CVE Published:; 13 September 2010

Summary

IBM Records Manager versions prior to 4.5.1.1-IER-FP001 expose a session token in the URI, which can be exploited by remote attackers. By accessing Referer log files, malicious actors may capture sensitive information, potentially compromising the confidentiality of user sessions.

References

http://www.securityfocus.com/bid/43136

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 13, 2010