Lucene search
HistoryJun 06, 2007 - 1:30 a.m.
CVE-2007-3050
cve-2007-3050
session fixation
chameleon cms
web sessions
remote attackers
phpsessid parameter
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.6%
Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Affected configurations
Node
chameleon_cmschameleon_cmsRange≤3.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| chameleon_cms:chameleon_cms | chameleon cms | le | 3.0 |
Related
prion
prion
Session fixation
2007-06-06 01:30:00
cvelist
cvelist
CVE-2007-3050
2007-06-06 01:00:00
nvd
nvd
CVE-2007-3050
2007-06-06 01:30:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.6%
Related for CVE-2007-3050