CVE-2009-2583

Name of the Vulnerable Software and Affected Versions IBM Tivoli Identity Manager version 5.0.0.6

Description The issue involves multiple session fixation vulnerabilities that can be exploited by remote attackers to hijack web sessions. This is achieved through unspecified vectors involving the console and self-service interfaces.

Recommendations For IBM Tivoli Identity Manager version 5.0.0.6, consider restricting access to the console and self-service interfaces until a fix is available. As a temporary workaround, disabling the affected interfaces may help minimize the risk of session hijacking. At the moment, there is no information about a newer version that contains a fix for this vulnerability.