Session fixation

2009-07-2320:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.2%

JSON

Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.

CPENameOperatorVersion
tivoli_identity_managereq5.0.0.6

CPE	Name	Operator	Version
	tivoli_identity_manager	eq	5.0.0.6

References

secunia.com/advisories/35931

www-01.ibm.com/support/docview.wss?uid=swg1IZ55659

www-01.ibm.com/support/docview.wss?uid=swg24023826

www.securityfocus.com/bid/35779

www.securitytracker.com/id?1022597

www.vupen.com/english/advisories/2009/1990