Emc: >> Secure Remote Services >> 3.04 Security Vulnerabilities
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.
CVSS Score
9.3
EPSS Score
0.006
Published
2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVSS Score
5.8
EPSS Score
0.001
Published
2015-07-05