Vulnerability Description
The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Groupwise | 7.0 |
References
- http://secunia.com/advisories/35177Vendor Advisory
- http://www.novell.com/support/viewContent.do?externalId=7003266&sliceId=1Vendor Advisory
- http://www.securityfocus.com/bid/35066
- http://www.vupen.com/english/advisories/2009/1393Vendor Advisory
- https://bugzilla.novell.com/show_bug.cgi?id=472979Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50688
- http://secunia.com/advisories/35177Vendor Advisory
- http://www.novell.com/support/viewContent.do?externalId=7003266&sliceId=1Vendor Advisory
- http://www.securityfocus.com/bid/35066
- http://www.vupen.com/english/advisories/2009/1393Vendor Advisory
- https://bugzilla.novell.com/show_bug.cgi?id=472979Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50688
FAQ
What is CVE-2009-1634?
CVE-2009-1634 is a vulnerability with a CVSS score of 7.5 (HIGH). The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user a...
How severe is CVE-2009-1634?
CVE-2009-1634 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1634?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Groupwise.