IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation. Rated low severity (CVSS 1.7), this vulnerability is low attack complexity. No vendor patch available.
Privilege Escalation
IBM
Security Appscan
NVD
CVSS 2.0
1.7
EPSS
0.1%