Lucene search

[email protected]NVD:CVE-2011-0400

HistoryJan 10, 2011 - 8:00 p.m.

CVE-2011-0400

2011-01-1020:00:17

CWE-16

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.005

Percentile

75.7%

JSON

Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Affected configurations

Nvd

Node

matomomatomoRange≤1.0

matomomatomoMatch0.1

matomomatomoMatch0.1.1

matomomatomoMatch0.1.2

matomomatomoMatch0.1.3

matomomatomoMatch0.1.4

matomomatomoMatch0.1.5

matomomatomoMatch0.1.6

matomomatomoMatch0.1.7

matomomatomoMatch0.1.8

matomomatomoMatch0.1.9

matomomatomoMatch0.1.10

matomomatomoMatch0.2.1

matomomatomoMatch0.2.2

matomomatomoMatch0.2.3

matomomatomoMatch0.2.4

matomomatomoMatch0.2.5

matomomatomoMatch0.2.6

matomomatomoMatch0.2.7

matomomatomoMatch0.2.8

matomomatomoMatch0.2.9

matomomatomoMatch0.2.10

matomomatomoMatch0.2.11

matomomatomoMatch0.2.12

matomomatomoMatch0.2.13

matomomatomoMatch0.2.14

matomomatomoMatch0.2.16

matomomatomoMatch0.2.17

matomomatomoMatch0.2.18

matomomatomoMatch0.2.19

matomomatomoMatch0.2.20

matomomatomoMatch0.2.22

matomomatomoMatch0.2.23

matomomatomoMatch0.2.24

matomomatomoMatch0.2.25

matomomatomoMatch0.2.26

matomomatomoMatch0.2.27

matomomatomoMatch0.2.28

matomomatomoMatch0.2.29

matomomatomoMatch0.2.30

matomomatomoMatch0.2.31

matomomatomoMatch0.2.32

matomomatomoMatch0.2.33

matomomatomoMatch0.2.34

matomomatomoMatch0.4rc1

matomomatomoMatch0.4rc2

matomomatomoMatch0.4rc3

matomomatomoMatch0.4.1rc1

matomomatomoMatch0.4.4

matomomatomoMatch0.4.5

matomomatomoMatch0.5

matomomatomoMatch0.5.1

matomomatomoMatch0.5.2

matomomatomoMatch0.5.3

matomomatomoMatch0.5.4

matomomatomoMatch0.5.5

matomomatomoMatch0.6

matomomatomoMatch0.6.1

matomomatomoMatch0.6.2

matomomatomoMatch0.6.3

matomomatomoMatch0.6.3rc1

matomomatomoMatch0.6.3rc2

matomomatomoMatch0.6.4

matomomatomoMatch0.7

matomomatomoMatch0.8

matomomatomoMatch0.9

matomomatomoMatch0.9.9

VendorProductVersionCPE
matomomatomo*cpe:2.3:a:matomo:matomo:*:*:*:*:*:*:*:*
matomomatomo0.1cpe:2.3:a:matomo:matomo:0.1:*:*:*:*:*:*:*
matomomatomo0.1.1cpe:2.3:a:matomo:matomo:0.1.1:*:*:*:*:*:*:*
matomomatomo0.1.2cpe:2.3:a:matomo:matomo:0.1.2:*:*:*:*:*:*:*
matomomatomo0.1.3cpe:2.3:a:matomo:matomo:0.1.3:*:*:*:*:*:*:*
matomomatomo0.1.4cpe:2.3:a:matomo:matomo:0.1.4:*:*:*:*:*:*:*
matomomatomo0.1.5cpe:2.3:a:matomo:matomo:0.1.5:*:*:*:*:*:*:*
matomomatomo0.1.6cpe:2.3:a:matomo:matomo:0.1.6:*:*:*:*:*:*:*
matomomatomo0.1.7cpe:2.3:a:matomo:matomo:0.1.7:*:*:*:*:*:*:*
matomomatomo0.1.8cpe:2.3:a:matomo:matomo:0.1.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
matomo	matomo	*	cpe:2.3:a:matomo:matomo::::::::
matomo	matomo	0.1	cpe:2.3:a:matomo:matomo:0.1:::::::*
matomo	matomo	0.1.1	cpe:2.3:a:matomo:matomo:0.1.1:::::::*
matomo	matomo	0.1.2	cpe:2.3:a:matomo:matomo:0.1.2:::::::*
matomo	matomo	0.1.3	cpe:2.3:a:matomo:matomo:0.1.3:::::::*
matomo	matomo	0.1.4	cpe:2.3:a:matomo:matomo:0.1.4:::::::*
matomo	matomo	0.1.5	cpe:2.3:a:matomo:matomo:0.1.5:::::::*
matomo	matomo	0.1.6	cpe:2.3:a:matomo:matomo:0.1.6:::::::*
matomo	matomo	0.1.7	cpe:2.3:a:matomo:matomo:0.1.7:::::::*
matomo	matomo	0.1.8	cpe:2.3:a:matomo:matomo:0.1.8:::::::*

Rows per page:

1-10 of 671

References

dev.piwik.org/trac/ticket/1795

osvdb.org/70382

piwik.org/blog/2011/01/piwik-1-1-2/

www.securityfocus.com/bid/45787

exchange.xforce.ibmcloud.com/vulnerabilities/64639

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.005

Percentile

75.7%

JSON

Related for NVD:CVE-2011-0400

cvelist1 cve1 prion1