Session fixation

2015-05-0110:59:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.0%

JSON

The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and 14.0(600) on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and packet loss) via malformed HTTP packets, aka Bug ID CSCud14217.

CPENameOperatorVersion
staroseq12.0
staroseq12.2300.0
staroseq14.0
staroseq14.600.0

Name	Operator	Version
staros	eq	12.0
staros	eq	12.2300.0
staros	eq	14.0
staros	eq	14.600.0

References

tools.cisco.com/security/center/viewAlert.x?alertId=38580

www.securitytracker.com/id/1032219