CVE-2015-0544

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
emcsecure_remote_services
3.02
emcsecure_remote_services
3.03
emcsecure_remote_services
3.04
𝑥
= Vulnerable software versions
References
http://seclists.org/bugtraq/2015/Jun/132
http://www.securitytracker.com/id/1032740
http://seclists.org/bugtraq/2015/Jun/132
http://www.securitytracker.com/id/1032740