CVE-2018-1626
published 2019-04-02CVE-2018-1626: IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session variable after a successful authentication which could lead to…
medium4.3CVSS 3.0
AVNACLPRLUINSUCLINAN
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 144411.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_privileged_identity_manager | — | — |