Session Hijacking Vulnerability in IBM Rational AppScan Enterprise
CVE-2012-0733

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 3 May 2012

Summary

IBM Rational AppScan Enterprise versions 5.x and 8.x prior to 8.5.0.1 are susceptible to a session hijacking vulnerability. This security flaw allows remote authenticated users to exploit Integrated Windows authentication, potentially gaining unauthorized administrative privileges by hijacking sessions tied to service accounts. This vulnerability poses significant risks as it could enable attackers to manipulate the system or access sensitive information under the guise of authenticated users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74374

vdb-entryx_refsource_XF

http://secunia.com/advisories/48967

third-party-advisoryx_refsource_SECUNIA

http://www.ibm.com/support/docview.wss?uid=swg21592188

x_refsource_CONFIRM

Timeline

Vulnerability published
May 3, 2012
Vulnerability Reserved
Jan 17, 2012