IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session after a browser closure which could allow an authentica

BROWSER

18-04-2025 16:11

CVE-2024-45651 Vulnerabilidad documentada

6.3 MEDIUM

Tags

#web

#browser

#authenticated

#allow

Descripción

IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another on the system.

https://www.ibm.com/support/pages/node/7231178

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2024-45651

Resultados similares

Coincidentes en almenos en 50% de los tags

16-04-2025 CVE-2022-22757
Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have a...
Ver información

15-04-2025 CVE-2022-47934
Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private ...
Ver información