IBM SME Manager 2.0 Session Logout Does Not Invalidate Session (CVE-2022-34334)
CVE-2022-34334 Published on October 10, 2022

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.

NVD

Products Associated with CVE-2022-34334

Want to know whenever a new CVE is published for IBM Sterling Partner Engagement Manager? stack.watch will email you.

IBM Sterling Partner Engagement Manager

Affected Versions

IBM Sterling Partner Engagement Manager:

Version 6.1 is affected.
Version 2.0 is affected.

Exploit Probability

EPSS

0.10%

Percentile

26.75%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

IBM SME Manager 2.0 Session Logout Does Not Invalidate Session (CVE-2022-34334)CVE-2022-34334 Published on October 10, 2022

Products Associated with CVE-2022-34334

Affected Versions

Exploit Probability

IBM SME Manager 2.0 Session Logout Does Not Invalidate Session (CVE-2022-34334)
CVE-2022-34334 Published on October 10, 2022