Vulnerabilities > CVE-2022-41291 - Insufficient Session Expiration vulnerability in IBM Infosphere Information Server 11.7

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
ibm
CWE-613

Summary

IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.

Vulnerable Configurations

Part Description Count
Application
Ibm
1
OS
Ibm
1
OS
Linux
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)