CVE-2009-2583

Sažetak

Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.

Reference

http://secunia.com/advisories/35931
http://www.securityfocus.com/bid/35779
http://www.securitytracker.com/id?1022597
http://www.vupen.com/english/advisories/2009/1990
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659
http://www-01.ibm.com/support/docview.wss?uid=swg24023826

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

04-08-2009 - 05:25

Objavljeno

23-07-2009 - 20:30