Unrated severityNVD Advisory· Published May 3, 2024· Updated Aug 2, 2024
IBM Cognos Controller session fixation
CVE-2023-40695
Description
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
210.4.1, 10.4.2, and 11.0.0+ 1 more
- (no CPE)range: 10.4.1, 10.4.2, and 11.0.0
- (no CPE)range: 10.4.1, 10.4.2, 11.0.0
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/pages/node/7149876mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/264938mitrevdb-entry
News mentions
0No linked articles in our index yet.