2.1

CVE-2014-6110

IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions, which allows remote attackers to access sessions by leveraging an unattended workstation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmSecurity Identity Manager Version6.0.0.0
IbmSecurity Identity Manager Version6.0.0.1
IbmSecurity Identity Manager Version6.0.0.2
IbmSecurity Identity Manager Version6.0.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.58% 0.429
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www-01.ibm.com/support/docview.wss?uid=swg1IV66496
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66624
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66635
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66637
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66642
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66645
http://www-01.ibm.com/support/docview.wss?uid=swg21689779
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/96179