CVE-2020-13229 - CERT CVE

  1. CVE-2020-13229

ID CVE-2020-13229
Sažetak An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
Reference
CVSS
Base: 6.8
Impact: 6.4
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 02-06-2020 - 15:11
Objavljeno 02-06-2020 - 14:15