Session Hijacking Vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003

CVE-2016-0340 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation.

Learn more about our Web Application Penetration Testing UK.