CVE-2013-4001Improper Authentication in IBM Cognos Command Center

CWE-287Improper Authentication3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 59.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Cognos Command Center
Timeline
PublishedDec 14
Latest updateMay 17

Description

Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-qqwf-prw2-cf87: Session fixation vulnerability in IBM Cognos Command Center before 102022-05-17
CVEList
CVE-2013-4001: Session fixation vulnerability in IBM Cognos Command Center before 102013-12-14
CVE-2013-4001 — Improper Authentication in IBM | cvebase