4 matches found
CVE-2023-38018
IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574...
CVE-2023-38018
IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574...
CVE-2023-38018 IBM Aspera Shares session fixation
IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574...
Security Bulletin: IBM Aspera Shares improved security for user session handling (CVE-2023-38018)
Summary IBM Aspera Shares has addressed a vulnerability related to user session handling. Vulnerability Details CVEID:CVE-2023-38018 DESCRIPTION: IBM Aspera Shares does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system...