CVE-2013-2997 Information

Description

IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action which allows remote attackers to hijack sessions by leveraging an unattended workstation.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21640352 https://exchange.xforce.ibmcloud.com/vulnerabilities/84066