Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Mobile Foundation
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-4229 1 Ibm 1 Mobile Foundation 2024-02-04 7.5 HIGH 7.3 HIGH
IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. IBM X-Force ID: 175211.
CVE-2013-5391 1 Ibm 2 Mobile Foundation, Worklight 2024-02-04 3.5 LOW 5.3 MEDIUM
IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128.
CVE-2014-0888 1 Ibm 2 Mobile Foundation, Worklight 2024-02-04 4.9 MEDIUM N/A
IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.