Novell: >> Webyast Appliance Security Vulnerabilities
WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key.
CVSS Score
5.0
EPSS Score
0.002
Published
2010-09-03