Session Cookie Vulnerability in IBM Security AppScan Enterprise
CVE-2013-0510

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan
Vendor: CVE Published:; 29 March 2013

Summary

A security flaw exists in IBM Security AppScan Enterprise versions 5.6 and 8.x before 8.7 that permits the transmission of session cookies to an external server during security tests. This vulnerability can be exploited by man-in-the-middle attackers who are able to intercept these session cookies, potentially allowing them to hijack test accounts and compromise sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82592

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21626264

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 29, 2013
Vulnerability Reserved
Dec 16, 2012