Lucene search
JpcertCVE-2014-1984HistoryApr 19, 2014 - 7:55 p.m.
CVE-2014-1984
2014-04-1919:55:07
CWE-287
jpcert
web.nvd.nist.gov
30
cybozu
remote service manager
cve-2014-1984
session fixation
vulnerability
web sessions
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.006
Percentile
77.9%
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors.
Affected configurations
Node
cybozuremote_service_managerRange≤2.3.0
ORcybozuremote_service_managerRange3.0.0–3.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cybozu | remote_service_manager | * | cpe:2.3:a:cybozu:remote_service_manager:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-1984
2014-04-19 19:55:07
jvn
jvn
JVN#00058727: Cybozu Remote Service Manager vulnerable to session fixation
2014-04-18 00:00:00
cvelist
cvelist
CVE-2014-1984
2014-04-19 19:00:00
prion
prion
Session fixation
2014-04-19 19:55:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.006
Percentile
77.9%
Related for CVE-2014-1984