2 matches found
CVE-2019-4617
IBM Cloud Automation Manager 3.2.1.0 is affected by CVE-2019-4617: it does not renew the session variable after successful authentication, enabling session fixation/hijacking where a user could be forced to use a cookie potentially known to an attacker. The IBM Security Bulletin confirms the vuln...
Security Bulletin: IBM Cloud Automation Manager Session Fixation Vulnerability (CVE-2019-4617)
Summary IBM Cloud Automation Manager Session Fixation Vulnerability Vulnerability Details CVEID: CVE-2019-4617 DESCRIPTION: IBM Cloud Automation Manager does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could for...