CVE-2022-22318

IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:curam_social_program_management:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:curam_social_program_management:8.0.0:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:z\/os:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*

Information

Published : 2022-06-20 10:15

Updated : 2022-06-28 05:22


NVD link : CVE-2022-22318

Mitre link : CVE-2022-22318


JSON object : View

CWE
CWE-613

Insufficient Session Expiration

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows

ibm

  • aix
  • z\/os
  • curam_social_program_management

hp

  • hp-ux

linux

  • linux_kernel

oracle

  • solaris