CVE-2021-38823

Critical

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin…

mitre·CWE-613·Published 2021-10-04

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

186 chars

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin session that is opened in a different browser.

NVDen

186 chars

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin session that is opened in a different browser.

El sitio web del sistema operativo IceHrm 30.0.0, se encontró vulnerable a un problema de Administración de Sesiones. Un cierre de sesión de una cuenta de administrador no invalida una sesión de administrador que se abre en un navegador diferente

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H