CVE-2013-7436
novnc: session hijack through insecurely set session token cookies
Severity Score (CVSS v2): 4.3
Public Exploits (multiple sources): 0
Exploited in Wild (KEV): -
Decision (SSVC): -
Descriptions
noVNC before 0.5 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
It was discovered that noVNC did not properly set the 'secure' flag when issuing cookies. An attacker could use this flaw to intercept cookies via a man-in-the-middle attack.
Credits: N/A
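The defect described above is a missing cookie attribute, so the defensive fix is to issue the session token with the Secure attribute whenever the client is on an https origin, and an audit is simply checking that attribute on every cookie the application sets. The following is an added example in JavaScript (the language noVNC is written in); it is not the project's own code, and the helper names buildSessionCookie, parseCookieAttributes, cookieIsSecure and findInsecureCookies, as well as the sample header values, are assumptions constructed for this illustration.

```javascript
// Added example, not code from the noVNC project.
// Assumed helper names: buildSessionCookie, parseCookieAttributes,
// cookieIsSecure, findInsecureCookies.

// Build the string handed to document.cookie when the client stores a session
// token. The Secure attribute tells the browser to send the cookie only over
// TLS, so a token issued during an https session is not replayed on a later
// plain-http request to the same host, which is the exposure this CVE records.
// SameSite=Strict is a defence-in-depth choice of this example.
function buildSessionCookie(name, value, protocol) {
  // protocol is the value of window.location.protocol, e.g. "https:" or "http:"
  const parts = [
    encodeURIComponent(name) + '=' + encodeURIComponent(value),
    'Path=/',
    'SameSite=Strict',
  ];
  if (protocol === 'https:') {
    parts.push('Secure');
  }
  return parts.join('; ');
}

// Parse one cookie string (the document.cookie form or a Set-Cookie header
// value) into its name, value and a map of attributes keyed by lower-cased
// attribute name. Flag attributes without a value (Secure, HttpOnly) map to true.
function parseCookieAttributes(cookieString) {
  const [nameValue, ...attrs] = cookieString.split(';').map((s) => s.trim());
  const eq = nameValue.indexOf('=');
  const name = eq >= 0 ? nameValue.slice(0, eq) : nameValue;
  const value = eq >= 0 ? nameValue.slice(eq + 1) : '';
  const attributes = {};
  for (const attr of attrs) {
    if (!attr) continue;
    const i = attr.indexOf('=');
    const key = (i >= 0 ? attr.slice(0, i) : attr).toLowerCase();
    attributes[key] = i >= 0 ? attr.slice(i + 1) : true;
  }
  return { name, value, attributes };
}

// Audit check: does this cookie carry the Secure attribute?
function cookieIsSecure(cookieString) {
  return parseCookieAttributes(cookieString).attributes.secure === true;
}

// Audit helper: given the Set-Cookie values observed on responses served over
// `protocol`, return the names of cookies that were issued over https without
// Secure. Cookies issued over plain http are outside this rule's scope.
function findInsecureCookies(setCookieHeaders, protocol) {
  if (protocol !== 'https:') return [];
  return setCookieHeaders
    .filter((h) => !cookieIsSecure(h))
    .map((h) => parseCookieAttributes(h).name);
}

// Constructed sample input: two cookies set the way a pre-fix client would
// (no Secure attribute) and one hardened cookie.
const SAMPLE_HEADERS = [
  'token=abc123; Path=/',
  'host=vnc.example.test; Path=/',
  'token=abc123; Path=/; SameSite=Strict; Secure',
];

// Stand-alone run: report the cookies that would leak over http.
console.log(findInsecureCookies(SAMPLE_HEADERS, 'https:'));
```

Running the block lists `token` and `host` as the cookies that lack Secure; the same check can be applied to captured Set-Cookie headers from a test deployment to confirm a fix is in place. Note that browsers reject a Secure cookie set from a non-secure origin, so issuing the token only on https origins is the behaviour to verify.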
Timeline
- 2015-03-12 CVE Reserved
- 2015-04-08 CVE Published
- 2024-08-06 CVE Updated
- 2024-11-20 EPSS Updated
- Exploited in Wild: no date recorded
- KEV Due Date: no date recorded
- First Exploit: no date recorded
CWE
- CWE-310: Cryptographic Issues
- CWE-319: Cleartext Transmission of Sensitive Information
References (9)
URL | Tag | Date |
---|---|---|
http://www.openwall.com/lists/oss-security/2015/02/17/1 | Mailing List | |
http://www.openwall.com/lists/oss-security/2015/03/12/13 | Mailing List | |
https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd | Vendor fix (x_refsource_confirm) | |
http://rhn.redhat.com/errata/RHSA-2015-0788.html | Vendor advisory | 2015-05-06 |
http://rhn.redhat.com/errata/RHSA-2015-0833.html | Vendor advisory | 2015-05-06 |
http://rhn.redhat.com/errata/RHSA-2015-0834.html | Vendor advisory | 2015-05-06 |
http://rhn.redhat.com/errata/RHSA-2015-0884.html | Vendor advisory | 2015-05-06 |
https://bugzilla.redhat.com/show_bug.cgi?id=1193451 | Bug tracker | 2015-04-23 |
https://access.redhat.com/security/cve/CVE-2013-7436 | Vendor CVE page | 2015-04-23 |