CVE-2016-8924

Name of the Vulnerable Software and Affected Versions IBM Maximo Asset Management versions 7.1 through 7.6

Description The issue is caused by the failure to invalidate an existing session identifier, allowing a remote attacker to hijack a user's session and gain access to another user's session. This could be exploited to gain unauthorized access.

Recommendations For versions 7.1 through 7.6, update the software to a version that includes a fix for the session identifier issue, ensuring that existing session identifiers are properly invalidated to prevent session hijacking. At the moment, there is no information about a newer version that contains a fix for this vulnerability.