Security Advisory

CVE-2013-4732

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-06-29 21:00:00

Last updated 2024-09-16 17:54:12

Assigner mitre

State PUBLISHED

Description

The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU#662676 states "Monroe Electronics could not reproduce this finding.

← Browse all CVEs View on cve.org ↗