CVE-2011-2222
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.
Vulnerabilidad de secuestro de sesión ("session fixation") en WebAdmin de Mobility Pack en versiones anteriores a la 1.2 de Novell Data Synchronizer 1.x hasta la 1.1.2 build 428 permite a atacantes remotos secuestrar ("hijack") sesiones web a través de vectores sin especificar.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-06-02 CVE Reserved
- 2011-08-09 CVE Published
- 2024-02-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/49069 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/45527 | 2015-10-29 | |
| http://www.novell.com/support/viewContent.do?externalId=7009054 | 2015-10-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.0.0 Search vendor "Novell" for product "Data Synchronizer" and version "1.0.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.1.0 Search vendor "Novell" for product "Data Synchronizer" and version "1.1.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.1.1 Search vendor "Novell" for product "Data Synchronizer" and version "1.1.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.1.2 Search vendor "Novell" for product "Data Synchronizer" and version "1.1.2" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.0 Search vendor "Novell" for product "Mobility Pack" and version "1.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.1 Search vendor "Novell" for product "Mobility Pack" and version "1.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.1.1 Search vendor "Novell" for product "Mobility Pack" and version "1.1.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.1.2 Search vendor "Novell" for product "Mobility Pack" and version "1.1.2" | - |
Affected
| ||||||