Computer Associates Multiple CleverPath Portal Environments Session Hijacking Vulnerability

Computer Associates Multiple CleverPath Portal Environments Session Hijacking Vulnerability

Computer Associates multiple CleverPath Portal environments are prone to a session-hijacking vulnerability.

The vulnerability affects only multiserver CleverPath Portal environments, which is not the default deployment.

An attacker can exploit this issue to hijack the portal session and associated security authentication of a user running on another portal server.

This issue affects the CleverPath Portal solution and other products that embed this portal technology.