First published: Wed Jul 31 2019(Updated: )
SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sas Sas Drug Development | <32drg02 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2007-6763.
The severity of CVE-2007-6763 is high with a severity value of 8.8.
SAS Drug Development (SDD) version up to but not including 32DRG02 is affected by CVE-2007-6763.
CVE-2007-6763 manifests as mishandled logout actions in SAS Drug Development (SDD), allowing a previously logged-in user to access resources by pressing a back or forward button in a web browser.
You can find more information about CVE-2007-6763 in the SAS Drug Development (SDD) Release Notes for version 32DRG02.