CVE-2013-2997

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan
Vendor: CVE Published:; 8 September 2013

Summary

IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21640352

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84066

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 8, 2013
Vulnerability Reserved
Apr 12, 2013