Описание
Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A unauthenticated attacker could exploit this by taking advantage of a user with multiple active sessions in order to hijack a user's session.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.8.0 (исключая)
cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00252
Низкий
5.4 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-384
CWE-384
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A unauthenticated attacker could exploit this by taking advantage of a user with multiple active sessions in order to hijack a user's session.
EPSS
Процентиль: 48%
0.00252
Низкий
5.4 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-384
CWE-384