Security Bulletin: Session Fixation Vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition (CVE-2013-5426)
An unspecified vulnerability in IBM InfoSphere Master Data Management – Collaborative Edition might allow an attacker to gain unauthorized access to a user's session. An attacker with access to a user's open browser before the user authenticates with the IBM InfoSphere Master Data Management Collaboration Server can gather information that allows the attacker to impersonate that user if the user later authenticates by using the open browser within a certain time. This information includes sensitive information. The attacker can also perform any actions available to the impersonated user.