CVE-2013-4629 Information

Description

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session which allows remote authenticated users to hijack sessions via an unspecified interception method.

Reference

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261327.htm