Session Hijacking Vulnerability in IBM Rational License Key Server
CVE-2014-4756

Currently unrated

Key Information:

Vendor: IBM
Status: Rational License Key Server
Vendor: CVE Published:; 10 September 2014

What is CVE-2014-4756?

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) versions 8.1.4.x prior to 8.1.4.4 is vulnerable to session hijacking attacks. This vulnerability allows remote authenticated users to exploit unspecified vectors to gain unauthorized access to sessions, potentially leading to further exploitation within the system. It is crucial for users of the affected version to apply the appropriate patches to mitigate this risk and secure their environments.

References

http://www-01.ibm.com/support/docview.wss?uid=swg24038045

x_refsource_CONFIRM

http://secunia.com/advisories/60709

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/94444

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Jul 9, 2014