Lucene search

PRIOn knowledge basePRION:CVE-2008-6569

HistoryMar 31, 2009 - 5:30 p.m.

Session fixation

2009-03-3117:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.2%

JSON

Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.

CPENameOperatorVersion
garooneq2.1.0
garooneq2.0.2
garooneq2.0.4
garooneq2.0.6
garooneq2.1.3
garooneq2.0.5
garooneq2.0.3
garooneq2.1.1
garooneq2.0.1
garooneq2.1.2

Name	Operator	Version
garoon	eq	2.1.0
garoon	eq	2.0.2
garoon	eq	2.0.4
garoon	eq	2.0.6
garoon	eq	2.1.3
garoon	eq	2.0.5
garoon	eq	2.0.3
garoon	eq	2.1.1
garoon	eq	2.0.1
garoon	eq	2.1.2

Rows per page:

1-10 of 111

References

cybozu.co.jp/products/dl/notice/detail/0021.html

jvn.jp/en/jp/JVN18700809/index.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000034.html

osvdb.org/46564

secunia.com/advisories/30871

www.lac.co.jp/info/advisory/98.html

www.securityfocus.com/bid/29981

exchange.xforce.ibmcloud.com/vulnerabilities/43427