Lucene search
HistoryMar 29, 2013 - 4:09 p.m.
CVE-2013-0510
ibm
security
appscan
enterprise
cve-2013-0510
nvd
vulnerability
man-in-the-middle
session cookies
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.5%
IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session cookies to a specific external server, which allows man-in-the-middle attackers to hijack the test account by capturing these cookies.
Affected configurations
Node
ibmsecurity_appscanMatch5.6.0.0-enterprise
ORibmsecurity_appscanMatch8.0.0.0-enterprise
ORibmsecurity_appscanMatch8.0.0.1-enterprise
ORibmsecurity_appscanMatch8.0.0.2-enterprise
ORibmsecurity_appscanMatch8.0.1.0-enterprise
ORibmsecurity_appscanMatch8.0.1.1-enterprise
ORibmsecurity_appscanMatch8.0.11-enterprise
ORibmsecurity_appscanMatch8.5.0.0-enterprise
ORibmsecurity_appscanMatch8.5.0.1-enterprise
ORibmsecurity_appscanMatch8.6.0.0-enterprise
ORibmsecurity_appscanMatch8.6.0.1-enterprise
ORibmsecurity_appscanMatch8.6.0.2-enterprise
Related
prion
prion
Design/Logic Flaw
2013-03-29 16:09:00
nvd
nvd
CVE-2013-0510
2013-03-29 16:09:00
cvelist
cvelist
CVE-2013-0510
2013-03-29 10:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.5%
Related for CVE-2013-0510