Primary

Context

IBM Transformation Extender Advanced Session Fixation Vulnerability

Vulnerability

Patched

A session fixation vulnerability has been identified in IBM Transformation Extender Advanced version 10.0.1. The issue arises because the application does not properly invalidate user sessions after logout, potentially allowing an authenticated user to impersonate another user on the system.

Impact

Exploitation of this vulnerability could lead to unauthorized user impersonation.

Remediation

Users are advised to upgrade to version 10.0.1.11 or 10.0.2.0.

Added: Oct 1, 2025, 5:27 PM

Updated: Oct 1, 2025, 5:27 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

4.9

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

4.9

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Transformation Extender Advanced Session Fixation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Transformation Extender Advanced

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating