CVE-2013-4001

EUVD-2013-3933
Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
ibmcognos_command_center
𝑥
≤ 10.1
ibmcognos_command_center
10.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21657932
https://exchange.xforce.ibmcloud.com/vulnerabilities/85151
http://www-01.ibm.com/support/docview.wss?uid=swg21657932
https://exchange.xforce.ibmcloud.com/vulnerabilities/85151