CVE-2020-4253
First published: Tue Mar 24 2020(Updated: )
IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 175559.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Content Navigator | =3.0.0 | |
| <=3.0CD |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-4253?
The severity of CVE-2020-4253 is high with a CVSS score of 8.8.
How does IBM Content Navigator 3.0CD handle session invalidation after logout?
IBM Content Navigator 3.0CD does not invalidate session after logout.
What is the impact of CVE-2020-4253?
CVE-2020-4253 allows an authenticated user to impersonate another user on the system.
Which version of IBM Content Navigator is affected by CVE-2020-4253?
IBM Content Navigator 3.0CD is affected by CVE-2020-4253.
Are there any fixes or patches available for CVE-2020-4253?
Please refer to IBM's support page for information on available fixes for CVE-2020-4253.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm content navigator
- version/ibm content navigator/3.0.0
- version/ibm content navigator/3.0cd