Vulnerability Details CVE-2015-2029
Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105
- http://www-01.ibm.com/support/docview.wss?uid=swg21966044
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105
- http://www-01.ibm.com/support/docview.wss?uid=swg21966044
Products affected by CVE-2015-2029
-
cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0
-
cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0.2
-
cpe:2.3:a:ibm:websphere_extreme_scale:7.1.1