CVE-2016-10205

Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie.

mitre·CWE-384·Published 2017-03-03

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

133 chars

Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie.

NVDen

133 chars

Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie.

NVDes

164 chars

Vulnerabilidad de reparación de sesión en Zoneminder 1.30 y versiones anteriores permite a atacantes remotos secuestrar sesiones web a través de la cookie ZMSESSID.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.3	3.9	3.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L