CVE-2015-6845 Information

Feb 14, 2021 cve

Description

EMC SourceOne Email Supervisor before 7.2 does not properly employ random values for session IDs which makes it easier for remote attackers to obtain access by guessing an ID.

Reference

http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-Session-Hijacking.html http://seclists.org/bugtraq/2015/Oct/58 http://www.securitytracker.com/id/1033787

Share on: