CVE-2016-0340
Severity
7.4HIGH
EPSS
0.2%
top 58.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 15
Latest updateMay 17
Description
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation.
CVSS vector
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 1.4 | Impact: 5.9