Session Fixation Vulnerability in IBM Maximo Asset Management Products
CVE-2012-2183

Currently unrated

Key Information:

Vendor

IBM
Status
Tivoli Asset Management For It
Maximo Asset Management
Smartcloud Control Desk
Change And Configuration Management Database
Vendor
CVE Published:
10 September 2012

What is CVE-2012-2183?

A session fixation vulnerability exists in various IBM Maximo Asset Management products that allows remote attackers to hijack user sessions. This vulnerability primarily exploits session handling mechanisms, enabling unauthorized access to web-based applications through manipulation of session identifiers. Users of IBM Maximo Asset Management from versions 6.2 to 7.5, including associated services like SmartCloud Control Desk and Tivoli Service Request Manager, are at risk, underscoring the importance of robust session management practices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75776
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg1IV09212
vendor-advisoryx_refsource_AIXAPAR
http://osvdb.org/85185
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.