Tuesday, August 1, 2017

IBM Security Bulletin: Session fixation defect in IBM Security AppScan Enterprise (CVE-2016-9981)

IBM AppScan Enterprise Edition could allow an attacker to hijack a valid user’s session using social engineering.

CVE(s): CVE-2016-9981

Affected product(s) and affected version(s):

Affected AppScan Enterprise Editions | Affected Versions
IBM Security AppScan Enterprise | 9.0.0 – 9.0.0.1
IBM Security AppScan Enterprise | 9.0.1 – 9.0.1.1
IBM Security AppScan Enterprise | 9.0.2 – 9.0.2.1
IBM Security AppScan Enterprise | 9.0.3 – 9.0.3.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2veCdEk
X-Force Database: http://ift.tt/2uUXjVt

The post IBM Security Bulletin: Session fixation defect in IBM Security AppScan Enterprise (CVE-2016-9981) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2vezZoi
