Retired - Blackboard Learning System Access Validation Vulnerability

Retired - Blackboard Learning System Access Validation Vulnerability

Blackboard is prone to a vulnerability that may permit an attacker to gain access to another user account. This issue is due to an error in the authentication mechanism.

An attacker with a valid account that has access to a Blackboard session of another user that is currently timed out, can gain access to that user's account. Successful exploitation will grant the attacker complete access to the victim user's account.

This issue does not affect Blackboard directly, but is specific to a particular site. Therefore, this BID is being retired.