3 matches found
CVE-2020-5021
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657...
CVE-2020-5021
CVE-2020-5021 affects IBM Spectrum Protect Plus 10.1.0–10.1.6. The issue is that the product does not invalidate a user session after a password reset, which could allow a local user to impersonate another user on the system. Roots cause: session remains valid post-password-change. Impact is desc...
CVE-2020-5021
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657...