cvedb.io
CVE-2017-1270
LOW · CVSS 3.3
EPSS exploitation probability: 0%
Published 2017-12-20T18:29:00.480 · Last modified 2026-06-17T01:14:09.750

Summary

IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 124745.

Affected products

ibm — security_guardium

Does this affect you?

Add your gear to cvedb and we'll alert you only when ibm ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.