CVE-2022-38382

Sažetak

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information. IBM X-Force ID: 233672.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/233672
https://www.ibm.com/support/pages/node/7165286

CVSS

Base:	4.1
Impact:	1.4
Exploitability:	2.3

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

Zadnje važnije ažuriranje

21-09-2024 - 10:15

Objavljeno

13-08-2024 - 02:15