IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213.
According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| I2_ibase | Ibm | 8.9.13 (including) | 8.9.13 (including) |
| I2_ibase | Ibm | 9.0.0 (including) | 9.0.0 (including) |