CVE-2008-6569

Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
cybozugaroon
2.0.0
cybozugaroon
2.0.1
cybozugaroon
2.0.2
cybozugaroon
2.0.3
cybozugaroon
2.0.4
cybozugaroon
2.0.5
cybozugaroon
2.0.6
cybozugaroon
2.1.0
cybozugaroon
2.1.1
cybozugaroon
2.1.2
cybozugaroon
2.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cybozu.co.jp/products/dl/notice/detail/0021.html
http://jvn.jp/en/jp/JVN18700809/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000034.html
http://osvdb.org/46564
http://secunia.com/advisories/30871
http://www.lac.co.jp/info/advisory/98.html
http://www.securityfocus.com/bid/29981
https://exchange.xforce.ibmcloud.com/vulnerabilities/43427
http://cybozu.co.jp/products/dl/notice/detail/0021.html
http://jvn.jp/en/jp/JVN18700809/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000034.html
http://osvdb.org/46564
http://secunia.com/advisories/30871
http://www.lac.co.jp/info/advisory/98.html
http://www.securityfocus.com/bid/29981
https://exchange.xforce.ibmcloud.com/vulnerabilities/43427