Lucene search

PRIOn knowledge basePRION:CVE-2023-45187

HistoryFeb 09, 2024 - 1:15 a.m.

Code injection

2024-02-0901:15:00

PRIOn knowledge base

www.prio-n.com

ibm

engineering lifecycle optimization

publishing

code injection

session

impersonation

security vulnerability

6.5 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

19.1%

JSON

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.

CPENameOperatorVersion
engineering_lifecycle_optimizationeq7.0.2
engineering_lifecycle_optimizationeq7.0.3

CPE	Name	Operator	Version
	engineering_lifecycle_optimization	eq	7.0.2
	engineering_lifecycle_optimization	eq	7.0.3

References

exchange.xforce.ibmcloud.com/vulnerabilities/268749

www.ibm.com/support/pages/node/7116045