1 results (0.003 seconds)
CVSS: 9.8EPSS: 12%CPEs: 4EXPL: 0
CVSS: 9.8EPSS: 12%CPEs: 4EXPL: 0CVE-2008-2433
https://notcve.org/view.php?id=CVE-2008-2433
27 Aug 2008 — The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." La consola de administración web en Trend Micro OfficeScan 7.0 hasta 8.0, Worry-Free Business Security 5.0,... • http://secunia.com/advisories/31373 • CWE-330: Use of Insufficiently Random Values •