CVE-2008-6569

EUVD-2008-6532
Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
cybozugaroon
2.0.0
cybozugaroon
2.0.1
cybozugaroon
2.0.2
cybozugaroon
2.0.3
cybozugaroon
2.0.4
cybozugaroon
2.0.5
cybozugaroon
2.0.6
cybozugaroon
2.1.0
cybozugaroon
2.1.1
cybozugaroon
2.1.2
cybozugaroon
2.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cybozu.co.jp/products/dl/notice/detail/0021.html
http://jvn.jp/en/jp/JVN18700809/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000034.html
http://osvdb.org/46564
http://secunia.com/advisories/30871
http://www.lac.co.jp/info/advisory/98.html
http://www.securityfocus.com/bid/29981
https://exchange.xforce.ibmcloud.com/vulnerabilities/43427
http://cybozu.co.jp/products/dl/notice/detail/0021.html
http://jvn.jp/en/jp/JVN18700809/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000034.html
http://osvdb.org/46564
http://secunia.com/advisories/30871
http://www.lac.co.jp/info/advisory/98.html
http://www.securityfocus.com/bid/29981
https://exchange.xforce.ibmcloud.com/vulnerabilities/43427