Lucene search
HistoryFeb 09, 2024 - 1:15 a.m.
CVE-2023-45187
ibm
engineering lifecycle optimization
publishing
session vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0.001
Percentile
18.9%
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.
Affected configurations
Node
ibmengineering_lifecycle_optimizationMatch7.0.2
ORibmengineering_lifecycle_optimizationMatch7.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | engineering_lifecycle_optimization | 7.0.2 | cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.2:*:*:*:*:*:*:* |
| ibm | engineering_lifecycle_optimization | 7.0.3 | cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.3:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-45187
2024-02-09 01:15:08
cvelist
cvelist
vulnrichment
vulnrichment
prion
prion
Code injection
2024-02-09 01:15:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0.001
Percentile
18.9%
Related for NVD:CVE-2023-45187