WisePoint CVE-2014-3909 Unspecified Session Fixation Vulnerability
BID:69629
Info
WisePoint CVE-2014-3909 Unspecified Session Fixation Vulnerability
| Bugtraq ID: | 69629 |
| Class: | Unknown |
| CVE: |
CVE-2014-3909 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 04 2014 12:00AM |
| Updated: | Sep 04 2014 12:00AM |
| Credit: | Hiroki Ikemoto of NTT SOFT SERVICE Corp. |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
WisePoint CVE-2014-3909 Unspecified Session Fixation Vulnerability
WisePoint is prone to an unspecified session-fixation vulnerability.
An attacker can exploit this issue to hijack an arbitrary session and gain unauthorized access to the affected application.
WisePoint 4.1.19.7 and prior are vulnerable.
WisePoint is prone to an unspecified session-fixation vulnerability.
An attacker can exploit this issue to hijack an arbitrary session and gain unauthorized access to the affected application.
WisePoint 4.1.19.7 and prior are vulnerable.
Exploit / POC
WisePoint CVE-2014-3909 Unspecified Session Fixation Vulnerability
To exploit this issue an attacker entices an unsuspecting user into following a malicious URI.
To exploit this issue an attacker entices an unsuspecting user into following a malicious URI.
Solution / Fix
WisePoint CVE-2014-3909 Unspecified Session Fixation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
WisePoint CVE-2014-3909 Unspecified Session Fixation Vulnerability
References:
References: