Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3DescriptionCVE.org
IBM Transformation Extender Advanced 10.0.1
does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Analysis
IBM Transformation Extender Advanced 10.0.1
does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Technical ContextAI
This vulnerability is classified as Insufficient Session Expiration (CWE-613).
RemediationAI
Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.
CVE-2023-49883 is a security vulnerability (CVSS 5.9). Remediation should follow standard vulnerability management proce
IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due to improper
IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on
Same weakness CWE-613 – Insufficient Session Expiration
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2023-53781