Skip to main content

Mobile Foundation

2 CVEs product

Monthly

CVE-2020-4229 HIGH PATCH This Week

IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Session Fixation Authentication Bypass Mobile Foundation
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2014-0888 MEDIUM This Month

IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

IBM Privilege Escalation Worklight Mobile Foundation
NVD
CVSS 2.0
4.9
EPSS
0.2%
EPSS 1% CVSS 7.3
HIGH PATCH This Week

IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Session Fixation Authentication Bypass +1
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

IBM Privilege Escalation Worklight +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy