CVE-2020-4229
CVE-2020-4229
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.6EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
05 Jun 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. IBM X-Force ID: 175211.
CVSS:3.0/AV:N/C:L/PR:N/AC:H/UI:N/A:L/I:L/S:U/RC:C/E:U/RL:O
Affected products
IBM · MobileFirst Platform Foundation