Session fixation

2012-09-1017:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.6%

JSON

Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors.

CPENameOperatorVersion
change_and_configuration_management_databaseeq7.0
change_and_configuration_management_databaseeq6.0
maximo_asset_managementeq6.2.0.0
maximo_asset_managementeq7.5.0.0
maximo_asset_managementeq7.1.0.0
maximo_service_deskeq6.2
smartcloud_control_deskeq7.0
tivoli_asset_management_for_iteq7.0
tivoli_asset_management_for_iteq7.2
tivoli_asset_management_for_iteq7.1

Name	Operator	Version
change_and_configuration_management_database	eq	7.0
change_and_configuration_management_database	eq	6.0
maximo_asset_management	eq	6.2.0.0
maximo_asset_management	eq	7.5.0.0
maximo_asset_management	eq	7.1.0.0
maximo_service_desk	eq	6.2
smartcloud_control_desk	eq	7.0
tivoli_asset_management_for_it	eq	7.0
tivoli_asset_management_for_it	eq	7.2
tivoli_asset_management_for_it	eq	7.1