Vulnerability Details CVE-2016-6040
IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.6%
CVSS Severity
CVSS v3 Score 5.0
CVSS v2 Score 6.0
References
Products affected by CVE-2016-6040
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.0
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.1
-
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.2