Vulnerabilities > IBM > Mobile Foundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-05 | CVE-2020-4229 | Session Fixation vulnerability in IBM Mobile Foundation 8.0.0.0 IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. | 7.5 |
| 2018-04-27 | CVE-2013-5391 | Cryptographic Issues vulnerability in IBM Mobile Foundation and Worklight IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. | 3.5 |
| 2014-08-29 | CVE-2014-0888 | Permissions, Privileges, and Access Controls vulnerability in IBM Mobile Foundation and Worklight IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors. | 4.9 |