4 matches found
CVE-2024-45651
creationtimestamp| type| source ---|---|--- 2025-04-18 11:15:42+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ilooke5i2 2025-04-18 11:58:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12416 2025-04-18 16:34:28+00:00| seen|...
CVE-2024-45651 IBM Sterling Connect:Direct Web Services session fixation
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...
CVE-2024-45651
IBM Sterling Connect:Direct Web Services versions 6.1.0, 6.2.0, and 6.3.0 expose a session-fixation issue: closing a browser does not invalidate the session, potentially allowing an authenticated user to impersonate another user. Remediation per IBM bulletin is to upgrade to fixed versions: 6.3.0...
Security Bulletin: IBM Sterling Connect:Direct Web Services does not invalidate session after a browser closure (CVE-2024-45651)
Summary IBM Sterling Connect:Direct Web Services does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system. Vulnerability Details CVEID:CVE-2024-45651 DESCRIPTION: IBM Sterling Connect:Direct Web Services does not...