CVE-2009-2583: Input Validation
First published: Thu Jul 23 2009(Updated: )
Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Tivoli Identity Manager | =5.0.0.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-2583?
CVE-2009-2583 is considered a moderate severity vulnerability due to the potential for session hijacking.
How does CVE-2009-2583 affect IBM Tivoli Identity Manager?
CVE-2009-2583 affects IBM Tivoli Identity Manager 5.0.0.6 by allowing remote attackers to hijack web sessions.
What are the attack vectors for CVE-2009-2583?
CVE-2009-2583 can be exploited through unspecified vectors in the console and self-service interfaces.
How can I prevent exploitation of CVE-2009-2583?
To prevent exploitation of CVE-2009-2583, it is recommended to apply available patches and security updates for IBM Tivoli Identity Manager.
Is there a known fix for CVE-2009-2583?
Yes, IBM has released patches to address CVE-2009-2583, which should be applied to impacted installations.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/ibm
- canonical/ibm tivoli identity manager
- version/ibm tivoli identity manager/5.0.0.6