Lucene search
+L

4 matches found

Circl
Circl
added 2025/04/18 11:15 a.m.16 views

CVE-2024-45651

creationtimestamp| type| source ---|---|--- 2025-04-18 11:15:42+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ilooke5i2 2025-04-18 11:58:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12416 2025-04-18 16:34:28+00:00| seen|...

6.5CVSS5.3AI score0.00276EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/18 11:4 a.m.33 views

CVE-2024-45651 IBM Sterling Connect:Direct Web Services session fixation

IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.3CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/04/18 11:4 a.m.64 views

CVE-2024-45651

IBM Sterling Connect:Direct Web Services versions 6.1.0, 6.2.0, and 6.3.0 expose a session-fixation issue: closing a browser does not invalidate the session, potentially allowing an authenticated user to impersonate another user. Remediation per IBM bulletin is to upgrade to fixed versions: 6.3.0...

6.5CVSS6.1AI score0.00276EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/17 4:0 p.m.15 views

Security Bulletin: IBM Sterling Connect:Direct Web Services does not invalidate session after a browser closure (CVE-2024-45651)

Summary IBM Sterling Connect:Direct Web Services does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system. Vulnerability Details CVEID:CVE-2024-45651 DESCRIPTION: IBM Sterling Connect:Direct Web Services does not...

6.5CVSS6.4AI score0.00276EPSS
Exploits0Affected Software1
Rows per page
Query Builder