2 matches found
CVE-2004-0944
CVE-2004-0944 affects Mitel 3300 ICP Web Management Interface prior to 4.2.2.11. The session ID is generated predictably and exposed via the parentsessionid cookie, enabling remote attackers to hijack other users’ sessions. Corsaire’s advisory documents a sequential cookie value pattern and an ac...
CVE-2004-0944
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...