EMC Documentum eRoom Cookies Session Hijacking Vulnerability
BID:52440
Info
EMC Documentum eRoom Cookies Session Hijacking Vulnerability
| Bugtraq ID: | 52440 |
| Class: | Design Error |
| CVE: |
CVE-2012-0398 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 13 2012 12:00AM |
| Updated: | Mar 13 2012 12:00AM |
| Credit: | SEC Consult |
| Vulnerable: |
EMC Documentum eRoom 7.4.2 EMC Documentum eRoom 7.4.1 EMC Documentum eRoom 7.4.3g EMC Documentum eRoom 7.4.3.f EMC Documentum eRoom 7.4.3.f EMC Documentum eRoom 7.4.3 EMC Documentum eRoom 7.4.3 EMC Documentum eRoom 7.3 |
| Not Vulnerable: |
EMC Documentum eRoom 7.4.4 |
Discussion
EMC Documentum eRoom Cookies Session Hijacking Vulnerability
EMC Documentum eRoom is prone to a session-hijacking vulnerability.
An attacker can exploit this issue to gain unauthorized access to the affected application.
EMC Documentum eRoom versions prior to 7.4.4 are vulnerable.
EMC Documentum eRoom is prone to a session-hijacking vulnerability.
An attacker can exploit this issue to gain unauthorized access to the affected application.
EMC Documentum eRoom versions prior to 7.4.4 are vulnerable.
Exploit / POC
EMC Documentum eRoom Cookies Session Hijacking Vulnerability
Attackers can exploit this issue with a web browser.
Attackers can exploit this issue with a web browser.
Solution / Fix
EMC Documentum eRoom Cookies Session Hijacking Vulnerability
Solution:
Updates are available. Please see the references for details.
Solution:
Updates are available. Please see the references for details.
References
EMC Documentum eRoom Cookies Session Hijacking Vulnerability
References:
References: