CVE-2023-49881

Summary

IBM Transformation Extender Advanced 10.0.1

does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

Affected Software

VendorProductVersion RangeStatus
IBMTransformation Extender Advanced10.0.1affected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References