CVE-2023-40695 Information

Description

IBM Cognos Controller 10.4.1 10.4.2 and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938.

Reference

https://www.ibm.com/support/pages/node/7149876 https://exchange.xforce.ibmcloud.com/vulnerabilities/264938