CVE-2023-38018 Information

Description

IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574.

Reference

https://www.ibm.com/support/pages/node/7164325