CVE-2023-0041: IBM Security Guardium session fixation
First published: Tue May 30 2023(Updated: )
IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Guardium | =11.5 | |
| Linux Linux kernel | ||
| <=11.3 | ||
| <=11.4 | ||
| <=11.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this IBM Security Guardium vulnerability?
The vulnerability ID is CVE-2023-0041.
What is the severity level of CVE-2023-0041?
The severity level of CVE-2023-0041 is high.
How does IBM Security Guardium 11.5 become vulnerable to CVE-2023-0041?
IBM Security Guardium 11.5 becomes vulnerable to CVE-2023-0041 due to insufficient session expiration.
What is the IBM X-Force ID associated with this vulnerability?
The IBM X-Force ID associated with this vulnerability is 243657.
Are previous versions of IBM Security Guardium also affected by CVE-2023-0041?
Yes, previous versions up to and including 11.5 of IBM Security Guardium are affected by CVE-2023-0041.
- agent/references
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/remedy
- agent/title
- agent/author
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm security guardium
- version/ibm security guardium/11.5
- vendor/linux
- canonical/linux linux kernel
- version/ibm security guardium/11.3
- version/ibm security guardium/11.4