PT-2020-14731 · Immuta · Immuta

Chris Davis

Published

2020-11-05

Updated

2020-11-12

CVE-2020-15950

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Immuta version 2.8.2

Description The issue is related to improper session management, where user sessions are not revoked upon logout.

Recommendations For Immuta version 2.8.2, consider implementing a custom session revocation mechanism upon user logout as a temporary workaround until a patch is available.

Exploit

Fix

Insufficient Session Expiration

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-613

Related Identifiers

CVE-2020-15950

Affected Products

Immuta

PT-2020-14731 · Immuta · Immuta

CVE-2020-15950

Weakness Enumeration

Related Identifiers

Affected Products

References · 5