PT-2006-1576 · Blackboard · Blackboard Academic Suite

Published: 2006-02-01 · Updated: 2024-08-07 · CVE-2006-0511

CVSS v2.0: 4.3 (Medium)

Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Blackboard Academic Suite versions 6.0 and earlier

Description

The issue arises when the software does not properly clear session information after a user has been idle and then de-authenticates. This allows subsequent users to log in as the previous user, potentially gaining privileges. The vendor has disputed this issue, stating it is related to a customer's specific Kerberos authentication single sign-on application rather than a vulnerability in the Blackboard product itself.

Recommendations

For Blackboard Academic Suite versions 6.0 and earlier, consider implementing additional session management measures to ensure proper clearance of user session information upon de-authentication. As a temporary workaround, restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2006-0511

Affected Products

Blackboard Academic Suite