Описание
Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the session ID cookie, which makes it easier for remote attackers to hijack sessions by leveraging an unattended workstation, aka ZEN-12691.
Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the session ID cookie, which makes it easier for remote attackers to hijack sessions by leveraging an unattended workstation, aka ZEN-12691.
EPSS
Процентиль: 72%
0.00712
Низкий
CVE ID
Связанные уязвимости
nvd
около 11 лет назад
Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the session ID cookie, which makes it easier for remote attackers to hijack sessions by leveraging an unattended workstation, aka ZEN-12691.
debian
около 11 лет назад
Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the sessi ...
EPSS
Процентиль: 72%
0.00712
Низкий