Back to search
CVE-2008-4294
Published: Sep 27, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 preserves cached user privileges after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation, as demonstrated by a root session that is still valid after a subsequent read-only session has begun.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2008-2690
vdb-entry
x_refsource_VUPEN
tivoli-netcoolwebtop-privilege-escalation(45419)
vdb-entry
x_refsource_XF
32036
third-party-advisory
x_refsource_SECUNIA
31414
vdb-entry
x_refsource_BID
http://www-01.ibm.com/support/docview.wss?uid=swg24018932
x_refsource_CONFIRM
IZ21888
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now