CVE-2015-0544

Published: Jul 5, 2015Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

Affected (3)

Products: Emc: Secure Remote Services

Emc

1 product

Secure Remote Services

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Emc Secure Remote Services	Version 3.02
Emc Secure Remote Services	Version 3.03
Emc Secure Remote Services	Version 3.04

References (4)

http://seclists.org/bugtraq/2015/Jun/132

Source: security_alert@emc.com

http://www.securitytracker.com/id/1032740

Source: security_alert@emc.com

http://seclists.org/bugtraq/2015/Jun/132

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1032740

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.