Vulnerabilities > CVE-2020-4696 - Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security 1.3.0.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ibm
CWE-613

Summary

IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 186789.

Vulnerable Configurations

Part Description Count
Application
Ibm
1

Common Weakness Enumeration (CWE)