CVE-2011-2401

Severity

83%

Complexity

86%

Confidentiality

141%

Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation'

Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors.

Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation'

CVSS 2.0 Base Score 8.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:P/A:P).

Overview

Type

HP

First reported 13 years ago

2011-07-29 20:55:00

Last updated 7 years ago

2017-08-29 01:29:00

Affected Software

HP SiteScope 9.0

9.0

HP Sitescope 10.13

10.13

References

SSRT100581

Vendor Advisory

74114

45440

Vendor Advisory

1025856

48916

sitescope-sessions-session-hijacking(68868)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.