Vulnerability Description
Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Data Synchronizer | 1.0.0 |
| Novell | Mobility Pack | 1.0 |
References
- http://secunia.com/advisories/45527Vendor Advisory
- http://www.novell.com/support/viewContent.do?externalId=7009054Vendor Advisory
- http://www.securityfocus.com/bid/49069
- http://secunia.com/advisories/45527Vendor Advisory
- http://www.novell.com/support/viewContent.do?externalId=7009054Vendor Advisory
- http://www.securityfocus.com/bid/49069
FAQ
What is CVE-2011-2222?
CVE-2011-2222 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vector...
How severe is CVE-2011-2222?
CVE-2011-2222 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2222?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Data Synchronizer, Novell Mobility Pack.