Lucene search
HistoryMar 31, 2009 - 5:30 p.m.
CVE-2008-6569
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
87.2%
Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.
Affected configurations
Node
cybozugaroonMatch2.0.0
ORcybozugaroonMatch2.0.1
ORcybozugaroonMatch2.0.2
ORcybozugaroonMatch2.0.3
ORcybozugaroonMatch2.0.4
ORcybozugaroonMatch2.0.5
ORcybozugaroonMatch2.0.6
ORcybozugaroonMatch2.1.0
ORcybozugaroonMatch2.1.1
ORcybozugaroonMatch2.1.2
ORcybozugaroonMatch2.1.3
References
Related
cvelist
cvelist
CVE-2008-6569
2009-03-31 17:00:00
jvn
jvn
JVN#18700809 Cybozu Garoon session fixation vulnerability
2008-06-27 00:00:00
prion
prion
Session fixation
2009-03-31 17:30:00
cve
cve
CVE-2008-6569
2009-03-31 17:30:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
87.2%
Related for NVD:CVE-2008-6569