Lucene search

K
cvelistMitreCVELIST:CVE-2008-6722
HistoryApr 14, 2009 - 4:00 p.m.

CVE-2008-6722

2009-04-1416:00:00
mitre
www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.9%

Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim’s web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.9%

Related for CVELIST:CVE-2008-6722