
2356 matches found

RedhatCVE
added 2021/01/19 7:41 a.m. | 25 views

CVE-2020-1723

A flaw was found in Keycloak Gatekeeper Louketo. The logout endpoint can be abused to redirect logged-in users to arbitrary web pages...

6.1 CVSS | 3.2 AI score | 0.00155 EPSS
Exploits 0 | References 4

CNNVD
added 2021/01/19 12:0 a.m. | 2 views

File.com Fat Client Code Issue Vulnerability

File.com Fat Client is a fat client application from US-based File.com. A code issue vulnerability exists in Files.com Fat Client 3.3.6 that allows bypassing authentication because the client still has access after logging out and deleting the login profile...

7.5 CVSS | 5.9 AI score | 0.00279 EPSS
Exploits 0 | References 1

OSV
added 2021/01/04 2:15 p.m. | 3 views

CVE-2020-4919

IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395...

3.8 CVSS | 6 AI score | 0.00137 EPSS
Exploits 0 | References 2

NVD
added 2021/01/04 2:15 p.m. | 13 views

CVE-2020-4919

IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395...

5.5 CVSS | 4 AI score | 0.00137 EPSS
Exploits 0 | References 2

Prion
added 2021/01/04 2:15 p.m. | 12 views

Design/Logic Flaw

IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395...

5.5 CVSS | 3.9 AI score | 0.00137 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2021/01/04 2:0 p.m. | 15 views

CVE-2020-4919

IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395...

4.7 CVSS | 3.8 AI score | 0.00137 EPSS
Exploits 0 | References 2

CVE
added 2021/01/04 2:0 p.m. | 45 views

CVE-2020-4919

CVE-2020-4919 affects IBM Cloud Pak System 2.3, where insufficient logout controls can let an authenticated privileged user impersonate another user. Root cause: inadequate session/logout handling on the system. The entry is supported by multiple sources (NVD/CVE, CNVD/Prion) indicating the same ...

5.5 CVSS | 4.9 AI score | 0.00137 EPSS
Exploits 0 | References 2 | Affected Software 1

ATTACKERKB
added 2021/01/02 12:0 a.m. | 1 views

CVE-2020-4919

IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395...

5.5 CVSS | 5.4 AI score | 0.00137 EPSS
Exploits 0 | References 3 | Affected Software 1

IBM Security Bulletins
added 2020/12/31 1:6 p.m. | 17 views

Security Bulletin: A cross-site request forgery (CSRF) vulnerability may impact logout functionality in REST in IBM Cúram Social Program Management (CVE-2020-4942)

Summary A cross-site request forgery CSRF vulnerability may impact logout functionality in REST in IBM Cúram Social Program Management, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. Vulnerability Details CVEID:...

8.8 CVSS | 1.5 AI score | 0.00109 EPSS
Exploits 0 | Affected Software 1

CNVD
added 2020/12/23 12:0 a.m. | 2 views

IBM Financial Transaction Manager Authorization Issues Vulnerability

IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. An authorization issue vulnerability exists...

6.3 CVSS | 6.6 AI score | 0.0026 EPSS
Exploits 0 | References 1

IBM Security Bulletins
added 2020/12/18 6:49 p.m. | 22 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential logout session timeout (CVE-2020-4555)

Summary Login session may not be invalidated in a timely manner on timeout. Vulnerability Details CVEID: CVE-2020-4555 DESCRIPTION: IBM Financial Transaction Manager for High Value Payments for Multi-Platform does not invalidate session after logout which could allow an authenticated user to...

6.3 CVSS | 0.6 AI score | 0.0026 EPSS
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2020/12/18 6:33 p.m. | 18 views

Security Bulletin: Financial Transaction Manager for Check Services is affected by a potential logout session timeout (CVE-2020-4555)

Summary Login session may not be invalidated in a timely manner on timeout. Vulnerability Details CVEID: CVE-2020-4555 DESCRIPTION: IBM Financial Transaction Manager for High Value Payments for Multi-Platform does not invalidate session after logout which could allow an authenticated user to...

6.3 CVSS | 1 AI score | 0.0026 EPSS
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2020/12/18 6:29 p.m. | 17 views

Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential logout session timeout (CVE-2020-4555)

Summary Login session may not be invalidated in a timely manner on timeout. Vulnerability Details CVEID: CVE-2020-4555 DESCRIPTION: IBM Financial Transaction Manager for High Value Payments for Multi-Platform does not invalidate session after logout which could allow an authenticated user to...

6.3 CVSS | 0.6 AI score | 0.0026 EPSS
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2020/12/18 6:25 p.m. | 11 views

Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential logout session timeout (CVE-2020-4555)

Summary Login session may not be invalidated in a timely manner on timeout. Vulnerability Details CVEID: CVE-2020-4555 DESCRIPTION: IBM Financial Transaction Manager for High Value Payments for Multi-Platform does not invalidate session after logout which could allow an authenticated user to...

6.3 CVSS | 0.6 AI score | 0.0026 EPSS
Exploits 0 | Affected Software 1

CNNVD
added 2020/12/18 12:0 a.m. | 2 views

IBM Financial Transaction Manager Authorization Issue Vulnerability

IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. An authorization issue vulnerability exists...

6.3 CVSS | 6.4 AI score | 0.0026 EPSS
Exploits 0 | References 9

Citrix
added 2020/12/18 12:0 a.m. | 5 views

Citrix Access Gateway - Logout script configured with UNC path is failed to execute with an error 2 upon logging off from VPN plugin

In the below VPN log snippet, we can see that the Proxy Server configuration and Logout Script configured are pushed once the user has established the VPN session. Once the user has logged out from VPN plugin, the Logout script should get executed and clear the proxy server configuration from...

7.3 AI score
Exploits 0

Tenable Nessus
added 2020/12/07 12:0 a.m. | 45 views

phpMyAdmin 4.0.x < 4.0.10.18 / 4.4.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Vulnerabilities

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.18, 4.4.x prior to 4.4.15.9, or 4.6.x prior to 4.6.5. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in phpMyAdmin. When the user does not...

9.8 CVSS | 6.8 AI score | 0.01202 EPSS
Exploits 0 | References 34

OSV
added 2020/11/30 4:15 p.m. | 0 views

CVE-2020-4696

IBM Cloud Pak for Security 1.3.0.1CP4S does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789...

4.3 CVSS | 6 AI score | 0.00114 EPSS
Exploits 0 | References 2

Prion
added 2020/11/30 4:15 p.m. | 15 views

Design/Logic Flaw

IBM Cloud Pak for Security 1.3.0.1CP4S does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789...

4 CVSS | 4.1 AI score | 0.00114 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2020/11/30 3:30 p.m. | 12 views

CVE-2020-4696

IBM Cloud Pak for Security 1.3.0.1CP4S does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789...

5.3 CVSS | 4.2 AI score | 0.00114 EPSS
Exploits 0 | References 2