Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Authentication Bypass
Imanager
NVD
CVSS 2.0
10.0
EPSS
0.2%