CVE-2013-2997

Name of the Vulnerable Software and Affected Versions IBM Security AppScan Enterprise versions prior to 8.7

Description The issue allows remote attackers to hijack sessions by leveraging an unattended workstation, due to the failure to invalidate the session context upon a logout action.

Recommendations For versions prior to 8.7, update to version 8.7 or later to resolve the issue. As a temporary workaround, consider implementing a custom session invalidation mechanism upon logout to minimize the risk of session hijacking. Restrict access to workstations to prevent attackers from leveraging unattended machines.