MEDIUM🇵🇱 Wersja polska

CVE-2023-49881

CVSS 6.3v3.1pub. 2025-10-01upd. 2025-10-03

IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • IBM Transformation Extender Advanced

    APP
    Ibm
    10.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-49886CRITICAL9.8PL ✓ten sam produkt

RCE przez niebezpieczną deserializację Java w IBM Standards Processing Engine

CVE-2017-1758HIGH7.1ten sam produkt

IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Fin...

CVE-2023-49883MEDIUM5.9ten sam produkt

IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by ...

CVE-2023-50300MEDIUM5.1ten sam produkt

IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due t...

CVE-2021-29883MEDIUM4.3ten sam produkt

IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure at...