Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 124745.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Guardium 安全漏洞
Vulnerability Description
IBM Security Guardium是美国IBM公司的一套提供数据保护功能的平台。该平台包括自定义UI、报告管理和流线化的审计流程构建等功能。 IBM Security Guardium中存在会话固定漏洞,该漏洞源于在身份验证成功之后,程序没有更新会话值。攻击者可利用该漏洞劫持用户会话。以下版本受到影响:IBM Security Guardium 10.0版本,10.0.1版本,10.1版本,10.1.2版本,10.1.3版本。
CVSS Information
N/A
Vulnerability Type
N/A