CVE-2019-4072: IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even…

medium6.3CVSS 3.1

AVNACLPRLUINSUCLILAL

IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. Utilizing the application back button users can remain logged in as the current user for a short period of time, therefore users are presented with information for Spectrum Control Application. IBM X-Force ID: 157064.

Affected

15 ranges

Vendor	Product	Version range	Fixed in
ibm	spectrum_control	5.2.8 – 5.2.17.2	—
ibm	spectrum_control	5.3.0 – 5.3.1	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	spectrum_control_standard_edition	—	—
ibm	tivoli_storage_productivity_center	5.2.0 – 5.2.7.1	—