Security Advisory

CVE-2024-38315

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-16 15:05:49
Last updated 2024-09-16 15:16:30
Assigner ibm
State PUBLISHED

Description

IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system.