Lucene search

[email protected]NVD:CVE-2012-5173

HistoryNov 23, 2012 - 12:09 p.m.

CVE-2012-5173

2012-11-2312:09:54

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

79.3%

JSON

Session fixation vulnerability in BIGACE before 2.7.8 allows remote attackers to hijack web sessions via unspecified vectors.

Affected configurations

Nvd

Node

bigacebigaceRange≤2.7.7

bigacebigaceMatch2.7.2

bigacebigaceMatch2.7.4

bigacebigaceMatch2.7.5

bigacebigaceMatch2.7.6

VendorProductVersionCPE
bigacebigace*cpe:2.3:a:bigace:bigace:*:*:*:*:*:*:*:*
bigacebigace2.7.2cpe:2.3:a:bigace:bigace:2.7.2:*:*:*:*:*:*:*
bigacebigace2.7.4cpe:2.3:a:bigace:bigace:2.7.4:*:*:*:*:*:*:*
bigacebigace2.7.5cpe:2.3:a:bigace:bigace:2.7.5:*:*:*:*:*:*:*
bigacebigace2.7.6cpe:2.3:a:bigace:bigace:2.7.6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bigace	bigace	*	cpe:2.3:a:bigace:bigace::::::::
bigace	bigace	2.7.2	cpe:2.3:a:bigace:bigace:2.7.2:::::::*
bigace	bigace	2.7.4	cpe:2.3:a:bigace:bigace:2.7.4:::::::*
bigace	bigace	2.7.5	cpe:2.3:a:bigace:bigace:2.7.5:::::::*
bigace	bigace	2.7.6	cpe:2.3:a:bigace:bigace:2.7.6:::::::*

References

jvn.jp/en/jp/JVN60931933/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000104

secunia.com/advisories/51355

www.bigace.de/news/bigace-2.7.8.html

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

79.3%

JSON

Related for NVD:CVE-2012-5173

cvelist1 prion1 jvn1 cve1