[email protected]CVE-2009-4509

HistoryApr 13, 2010 - 5:30 p.m.

CVE-2009-4509

2010-04-1317:30:00

CWE-94

[email protected]

web.nvd.nist.gov

tandberg

video communication server

vcs

authentication bypass

predictable session cookies

remote attackers

cve-2009-4509

nvd

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.026 Low

EPSS

Percentile

90.2%

JSON

The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and execute arbitrary code by loading a custom software update, via a crafted “Cookie: tandberg_login=” HTTP header.

CPENameOperatorVersion
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx2.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx1.0.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx4.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx3.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx3.0.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx1.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication serverlex4.2.1
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx4.2.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx1.2.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx2.0.0

CPE	Name	Operator	Version
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x2.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x1.0.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x4.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x3.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x3.0.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x1.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	le	x4.2.1
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x4.2.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x1.2.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x2.0.0

References

ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20%28X4%29.pdf

secunia.com/advisories/39275

www.securityfocus.com/archive/1/510672/100/0/threaded

www.vsecurity.com/resources/advisory/20100409-1

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.026 Low

EPSS

Percentile

90.2%

JSON

Related for CVE-2009-4509

prion1 securityvulns2