Lucene search

[email protected]CVE-2013-4001

HistoryDec 14, 2013 - 10:55 p.m.

CVE-2013-4001

2013-12-1422:55:00

CWE-287

[email protected]

web.nvd.nist.gov

ibm

cognos

command center

10.2

session fixation

vulnerability

nvd

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

53.4%

JSON

Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie.

CPENameOperatorVersion
ibm:cognos_command_centeribm cognos command centereq10.0
ibm:cognos_command_centeribm cognos command centerle10.1

CPE	Name	Operator	Version
ibm:cognos_command_center	ibm cognos command center	eq	10.0
ibm:cognos_command_center	ibm cognos command center	le	10.1

References

www-01.ibm.com/support/docview.wss?uid=swg21657932

exchange.xforce.ibmcloud.com/vulnerabilities/85151

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

53.4%

JSON

Related for CVE-2013-4001

prion1 cvelist1 seebug1 ibm1