Lucene search

K
nvd[email protected]NVD:CVE-2008-5809
HistoryJan 02, 2009 - 6:11 p.m.

CVE-2008-5809

2009-01-0218:11:09
CWE-287
web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

70.8%

futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional 4.11.3 and earlier use a predictable session id, which makes it easier for remote attackers to hijack sessions, and obtain sensitive information about analysis results, via a modified id.

Affected configurations

NVD
Node
futomiaccess_analyzer_cgiRange4.0.1std
OR
futomiaccess_analyzer_cgiMatch_nil_beta1pro
OR
futomiaccess_analyzer_cgiMatch_nil_beta2pro
OR
futomiaccess_analyzer_cgiMatch1.0pro
OR
futomiaccess_analyzer_cgiMatch1.1pro
OR
futomiaccess_analyzer_cgiMatch1.1std
OR
futomiaccess_analyzer_cgiMatch1.2pro
OR
futomiaccess_analyzer_cgiMatch1.2std
OR
futomiaccess_analyzer_cgiMatch1.3pro
OR
futomiaccess_analyzer_cgiMatch1.3std
OR
futomiaccess_analyzer_cgiMatch1.4pro
OR
futomiaccess_analyzer_cgiMatch1.4std
OR
futomiaccess_analyzer_cgiMatch1.5pro
OR
futomiaccess_analyzer_cgiMatch1.6pro
OR
futomiaccess_analyzer_cgiMatch1.7pro
OR
futomiaccess_analyzer_cgiMatch2.0pro
OR
futomiaccess_analyzer_cgiMatch2.0std
OR
futomiaccess_analyzer_cgiMatch2.1pro
OR
futomiaccess_analyzer_cgiMatch2.1std
OR
futomiaccess_analyzer_cgiMatch2.2pro
OR
futomiaccess_analyzer_cgiMatch2.2std
OR
futomiaccess_analyzer_cgiMatch2.3pro
OR
futomiaccess_analyzer_cgiMatch2.3std
OR
futomiaccess_analyzer_cgiMatch2.4pro
OR
futomiaccess_analyzer_cgiMatch2.4std
OR
futomiaccess_analyzer_cgiMatch3.0pro
OR
futomiaccess_analyzer_cgiMatch3.0std
OR
futomiaccess_analyzer_cgiMatch3.1pro
OR
futomiaccess_analyzer_cgiMatch3.1std
OR
futomiaccess_analyzer_cgiMatch3.2pro
OR
futomiaccess_analyzer_cgiMatch3.2std
OR
futomiaccess_analyzer_cgiMatch3.3pro
OR
futomiaccess_analyzer_cgiMatch3.3std
OR
futomiaccess_analyzer_cgiMatch3.4pro
OR
futomiaccess_analyzer_cgiMatch3.4std
OR
futomiaccess_analyzer_cgiMatch3.5pro
OR
futomiaccess_analyzer_cgiMatch3.5std
OR
futomiaccess_analyzer_cgiMatch3.6std
OR
futomiaccess_analyzer_cgiMatch3.7std
OR
futomiaccess_analyzer_cgiMatch3.8std
OR
futomiaccess_analyzer_cgiMatch3.8.1std
OR
futomiaccess_analyzer_cgiMatch4.0pro
OR
futomiaccess_analyzer_cgiMatch4.0.0std
OR
futomiaccess_analyzer_cgiMatch4.1pro
OR
futomiaccess_analyzer_cgiMatch4.2pro
OR
futomiaccess_analyzer_cgiMatch4.3pro
OR
futomiaccess_analyzer_cgiMatch4.4pro
OR
futomiaccess_analyzer_cgiMatch4.5pro
OR
futomiaccess_analyzer_cgiMatch4.6pro
OR
futomiaccess_analyzer_cgiMatch4.7pro
OR
futomiaccess_analyzer_cgiMatch4.8pro
OR
futomiaccess_analyzer_cgiMatch4.9pro
OR
futomiaccess_analyzer_cgiMatch4.10pro
OR
futomiaccess_analyzer_cgiMatch4.10.1pro
OR
futomiaccess_analyzer_cgiMatch4.10.2pro
OR
futomiaccess_analyzer_cgiMatch4.10.3pro
OR
futomiaccess_analyzer_cgiMatch4.10.4pro
OR
futomiaccess_analyzer_cgiMatch4.10.5pro
OR
futomiaccess_analyzer_cgiMatch4.11.0pro
OR
futomiaccess_analyzer_cgiMatch4.11.1pro
OR
futomiaccess_analyzer_cgiMatch4.11.2pro
OR
futomiaccess_analyzer_cgiMatch4.11.3pro

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

70.8%

Related for NVD:CVE-2008-5809