CVE-2013-2997

2013-09-0816:00:00

ibm

www.cve.org

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

44.0%

JSON

IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation.

References

www-01.ibm.com/support/docview.wss?uid=swg21640352

exchange.xforce.ibmcloud.com/vulnerabilities/84066