2 matches found
Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability
Product: Zimbra Collaboration Suite Vendor: VMWare Vulnerable Version: 6.0.16 and probably prior Tested Version: 6.0.16 Vendor Notification: 09/03/2013 Public Disclosure: 09/13/2013 Vulnerability Type: Authentication Bypass by Capture-replay CWE-294 CVE: CVE-2013-5119 Discovered and Provided By:...
CVE-2013-5119
Summary : CVE-2013-5119 affects Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier. Affected component is the authentication/session handling where an attacker can capture a user’s ZM_AUTH_TOKEN and replay it to gain access, enabling a remote impersonation via a man-in-the-middle scenario. The r...