PT-2019-16881 · IBM · IBM Tivoli Storage Productivity Center

Published 2019-05-09 · Updated 2022-12-09 · CVE-2019-4072

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

IBM Tivoli Storage Productivity Center versions 5.2.1 through 5.2.17

Description

The issue allows users to remain idle within the application even after logging out. By using the application's back button, a user can remain logged in for a short period, during which the user is still presented with information for the Spectrum Control Application.

Recommendations

For versions 5.2.1 through 5.2.17, consider implementing a timeout feature that automatically logs out users after a period of inactivity to prevent unauthorized access. Additionally, restrict the use of the back button to prevent users from accessing sensitive information after logging out.
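The two recommendations above, sketched as an added example (not IBM's code and not part of the original advisory): a server-side session table that is cleared at logout and expires idle sessions, with protected pages marked non-cacheable so the back button cannot redisplay them. The names SessionStore and handle_request, the 15-minute timeout, and the use of Cache-Control: no-store as the back-button control are assumptions.

```python
import secrets
import time

IDLE_TIMEOUT_SECONDS = 15 * 60  # assumed policy value, not taken from the advisory

# Headers that stop the browser from keeping a copy of an authenticated page,
# so the back button has to ask the server again instead of redisplaying it.
NO_STORE_HEADERS = {"Cache-Control": "no-store", "Pragma": "no-cache"}


class SessionStore:
    """Server-side session table; the cookie value is only a lookup key."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT_SECONDS, clock=time.monotonic):
        self._sessions = {}  # session id -> {"user", "last_seen"}
        self._idle_timeout = idle_timeout
        self._clock = clock

    def login(self, user):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid

    def logout(self, sid):
        # Delete the server-side record; clearing the cookie alone is not enough.
        self._sessions.pop(sid, None)

    def authenticate(self, sid):
        """Return the user for a live session, or None if absent or idle too long."""
        record = self._sessions.get(sid)
        if record is None:
            return None
        now = self._clock()
        if now - record["last_seen"] > self._idle_timeout:
            del self._sessions[sid]  # expire on the server, not just in the UI
            return None
        record["last_seen"] = now
        return record["user"]


def handle_request(store, sid, body="storage report"):
    """Hypothetical handler: returns (status, headers, body) for a protected page."""
    user = store.authenticate(sid)
    if user is None:
        return 401, dict(NO_STORE_HEADERS), ""
    return 200, dict(NO_STORE_HEADERS), f"{body} for {user}"
```

A request replayed with the old session id after logout, or after the idle window, gets 401 from the server regardless of what the browser has in its history.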

Fix

Weakness Enumeration

Insufficient Session Expiration

Related Identifiers

CVE-2019-4072

Affected Products

IBM Tivoli Storage Productivity Center