CVE-2015-0544

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
emcsecure_remote_services
3.02
emcsecure_remote_services
3.03
emcsecure_remote_services
3.04
𝑥
= Vulnerable software versions
References
http://seclists.org/bugtraq/2015/Jun/132
http://www.securitytracker.com/id/1032740
http://seclists.org/bugtraq/2015/Jun/132
http://www.securitytracker.com/id/1032740