Lucene search
MitreCVE-2012-4592HistoryAug 22, 2012 - 10:42 a.m.
CVE-2012-4592
2012-08-2210:42:05
mitre
web.nvd.nist.gov
33
mcafee
emm
cve-2012-4592
session cookie
security vulnerability
https
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.004
Percentile
73.4%
The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Affected configurations
Node
mcafeeenterprise_mobility_managerRange≤9.6
ORmcafeeenterprise_mobility_managerMatch4.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mcafee | enterprise_mobility_manager | * | cpe:2.3:a:mcafee:enterprise_mobility_manager:*:*:*:*:*:*:*:* |
| mcafee | enterprise_mobility_manager | 4.7 | cpe:2.3:a:mcafee:enterprise_mobility_manager:4.7:*:*:*:*:*:*:* |
Related
prion
prion
Session fixation
2012-08-22 10:42:00
nvd
nvd
CVE-2012-4592
2012-08-22 10:42:05
cvelist
cvelist
CVE-2012-4592
2012-08-22 10:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.004
Percentile
73.4%
Related for CVE-2012-4592