CVE-2019-4591
published 2020-07-13CVE-2019-4591: IBM Maximo Asset Management 7.6.0 and 7.6.1 does not invalidate session after logout which could allow a local user to impersonate another user on the system…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
IBM Maximo Asset Management 7.6.0 and 7.6.1 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 167451.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | maximo_asset_management | — | — |
| ibm | maximo_asset_management | — | — |
| ibm | maximo_asset_management | >= 7.6.0.0 < 7.6.0.10 | 7.6.0.10 |
| ibm | maximo_asset_management | >= 7.6.1.0 < 7.6.1.1 | 7.6.1.1 |