Lucene search
HistoryJun 02, 2015 - 2:59 p.m.
CVE-2014-8391
cve-2014-8391
sendio
web interface
session handling
remote authentication
information disclosure
nvd
5.5 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
79.0%
The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users’ sessions via a large number of requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sendio:sendio | sendio | le | 7.2.3 |
Related
prion
prion
Code injection
2015-06-02 14:59:00
cvelist
cvelist
CVE-2014-8391
2015-06-02 14:00:00
exploitpack
exploitpack
Sendio ESP - Information Disclosure
2015-05-26 00:00:00
packetstorm
packetstorm
Sendio ESP Information Disclosure
2015-05-22 00:00:00
securityvulns
securityvulns
Sendio ESP information disclosure
2015-06-08 00:00:00
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability
2015-06-08 00:00:00
openvas
openvas
Sendio ESP Multiple Information Disclosure Vulnerabilities
2015-06-10 00:00:00
coresecurity
coresecurity
Sendio ESP Information Disclosure Vulnerability
2015-05-22 00:00:00
exploitdb
exploitdb
Sendio ESP - Information Disclosure
2015-05-26 00:00:00
5.5 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
79.0%
Related for CVE-2014-8391