CVE-2012-0264

Опубликовано: 31 дек. 2013

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors.

Ссылки

http://seclists.org/fulldisclosure/2012/Jan/62
http://secunia.com/advisories/47344
Vendor Advisory
http://www.ekelow.se/file_uploads/Advisories/ekelow-aid-2012-01.pdf
Exploit
http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/
http://www.osvdb.org/78066
https://bugs.op5.com/view.php?id=5094
http://seclists.org/fulldisclosure/2012/Jan/62
http://secunia.com/advisories/47344
Vendor Advisory
http://www.ekelow.se/file_uploads/Advisories/ekelow-aid-2012-01.pdf
Exploit
http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/
http://www.osvdb.org/78066
https://bugs.op5.com/view.php?id=5094

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:op5:monitor:*:*:*:*:*:*:*:*

Версия до 5.4.2 (включая)

cpe:2.3:a:op5:monitor:5.3.5:*:*:*:*:*:*:*

cpe:2.3:a:op5:monitor:5.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04443

Низкий

10 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-99gw-rhm2-2xpx

github

почти 4 года назад