CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6845

EMC SourceOne Email Supervisor before 7.2 does not properly employ random values for session IDs, which makes it easier for remote attackers to obtain access by guessing an ID.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-Session-Hijacking.html
http://seclists.org/bugtraq/2015/Oct/58
http://www.securitytracker.com/id/1033787
http://packetstormsecurity.com/files/133922/EMC-SourceOne-Email-Supervisor-XSS-Session-Hijacking.html
http://seclists.org/bugtraq/2015/Oct/58
http://www.securitytracker.com/id/1033787

Products affected by CVE-2015-6845

Emc » Sourceone Email Supervisor » Version: Any

cpe:2.3:a:emc:sourceone_email_supervisor:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6845

Products

Pricing

Contact Us