CVE-2011-3424

Sažetak

Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to hijack web sessions via unspecified vectors.

Reference

http://secunia.com/advisories/45976
http://securitytracker.com/id?1026051
http://www.osvdb.org/75397
http://www.securityfocus.com/bid/49619
http://www.tibco.com/multimedia/mft-slingshot_advisory_20110913_tcm8-14340.txt
http://www.tibco.com/services/support/advisories/mft-slingshot-advisory_20110913.jsp
https://exchange.xforce.ibmcloud.com/vulnerabilities/69805

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:30

Objavljeno

19-09-2011 - 12:02