CVE-2023-26288

IBM Aspera Orchestrator 4.0.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 248477. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt