Lucene search
Japan Vulnerability NotesJVN:97200417HistoryApr 05, 2012 - 12:00 a.m.
JVN#97200417: SENCHA SNS vulnerable to session fixation
2012-04-0500:00:00
Japan Vulnerability Notes
jvn.jp
15
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
71.8%
SENCHA SNS is an open source SNS software. SENCHA SNS contains a session fixation vulnerability.
Impact
A remote, unauthenticated attacker may impersonate an honest user of the affected product. As a result, information may be altered or obtained.
Solution
Update the Software
Update to the latest version provided by the developer.
Products Affected
- SENCHA SNS 1.0.1 and earlier
Related
cve
cve
CVE-2012-1238
2012-04-06 18:55:01
cvelist
cvelist
CVE-2012-1238
2012-04-06 18:00:00
prion
prion
Session fixation
2012-04-06 18:55:00
nvd
nvd
CVE-2012-1238
2012-04-06 18:55:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
71.8%
Related for JVN:97200417