Vulnerability Details CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.1%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/51203
- http://www.kb.cert.org/vuls/id/802596
- http://www.securityfocus.com/bid/56381
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79785
- http://secunia.com/advisories/51203
- http://www.kb.cert.org/vuls/id/802596
- http://www.securityfocus.com/bid/56381
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79785
Products affected by CVE-2012-4937
-
cpe:2.3:a:patterninsight:pattern_insight:2.3