CVE-2009-2583

Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
ibmtivoli_identity_manager
5.0.0.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/35931
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659
http://www-01.ibm.com/support/docview.wss?uid=swg24023826
http://www.securityfocus.com/bid/35779
http://www.securitytracker.com/id?1022597
http://www.vupen.com/english/advisories/2009/1990
http://secunia.com/advisories/35931
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659
http://www-01.ibm.com/support/docview.wss?uid=swg24023826
http://www.securityfocus.com/bid/35779
http://www.securitytracker.com/id?1022597
http://www.vupen.com/english/advisories/2009/1990