Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Session fixation vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 allows remote attackers to hijack web sessions via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Initiate Master Data Service 会话固定漏洞
Vulnerability Description
IBM Initiate Master Data Service是美国IBM公司的一套用于实现Initiate主数据管理的产品平台。该平台提供了针对关键数据资产以及这些数据相互关系的单一可靠数据版本,并通过统一的数据清洗、匹配和链接等操作解决数据的不一致和重复,从而对外提供真实可靠的主数据。 IBM Initiate Master Data Service中存在会话固定漏洞,该漏洞源于程序在身份认证成功后没有更新会话标识符。远程攻击者可利用该漏洞劫持Web会话。以下版本受到影响:IBM Initiate
CVSS Information
N/A
Vulnerability Type
N/A