exploitDog

GHSA-x89m-vq45-vjjr

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Zeacom Chat Server before 5.1 uses too short a random string for the JSESSIONID value, which makes it easier for remote attackers to hijack sessions or cause a denial of service (Chat Server crash or Tomcat daemon crash) via a brute-force attack.

Zeacom Chat Server before 5.1 uses too short a random string for the JSESSIONID value, which makes it easier for remote attackers to hijack sessions or cause a denial of service (Chat Server crash or Tomcat daemon crash) via a brute-force attack.

Ссылки

EPSS

Процентиль: 71%

0.00694

Низкий

CVE ID

Связанные уязвимости

CVE-2010-0217

nvd

больше 14 лет назад

Zeacom Chat Server before 5.1 uses too short a random string for the JSESSIONID value, which makes it easier for remote attackers to hijack sessions or cause a denial of service (Chat Server crash or Tomcat daemon crash) via a brute-force attack.

EPSS

Процентиль: 71%

0.00694

Низкий

CVE ID