Vulnerability Details CVE-2023-40732
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.7%
CVSS Severity
CVSS v3 Score 3.9
References
Products affected by CVE-2023-40732
-
cpe:2.3:a:siemens:qms_automotive:-
-
cpe:2.3:a:siemens:qms_automotive:12.30