Vulnerability Description
Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Identity Manager | 5.0.0.6 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/35931Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg24023826PatchVendor Advisory
- http://www.securityfocus.com/bid/35779Patch
- http://www.securitytracker.com/id?1022597
- http://www.vupen.com/english/advisories/2009/1990PatchVendor Advisory
- http://secunia.com/advisories/35931Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg24023826PatchVendor Advisory
- http://www.securityfocus.com/bid/35779Patch
- http://www.securitytracker.com/id?1022597
- http://www.vupen.com/english/advisories/2009/1990PatchVendor Advisory
FAQ
What is CVE-2009-2583?
CVE-2009-2583 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self ser...
How severe is CVE-2009-2583?
CVE-2009-2583 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2583?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Identity Manager.