6.8
CVE-2009-2583
- EPSS 1.38%
- Veröffentlicht 23.07.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Tivoli Identity Manager Version5.0.0.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.38% | 0.685 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/35931
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659
http://www-01.ibm.com/support/docview.wss?uid=swg24023826
http://www.securityfocus.com/bid/35779
http://www.securitytracker.com/id?1022597
http://www.vupen.com/english/advisories/2009/1990