CVE-2017-1270
published 2017-12-20CVE-2017-1270: IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability…
low3.3CVSS 3.0
AVLACLPRLUINSUCLINAN
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 124745.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_guardium | — | — |
| ibm | security_guardium | — | — |
| ibm | security_guardium | — | — |
| ibm | security_guardium | — | — |
| ibm | security_guardium | — | — |
| ibm | security_guardium | — | — |