CVE-2009-2583

CWE-20Improper Input Validation3 documents3 sources
Severity
6.8MEDIUM
EPSS
1.0%
top 22.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Identity Manager
Timeline
PublishedJul 23
Latest updateMay 2

Description

Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: www-01.ibm.comPatch: www.securityfocus.comPatch: www.vupen.com

🔴Vulnerability Details

2
GHSA
GHSA-5cc8-559g-qhg4: Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 52022-05-02
CVEList
CVE-2009-2583: Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 52009-07-23
CVE-2009-2583 (MEDIUM CVSS 6.8) | Multiple session fixation vulnerabi | cvebase.io