CVE-2011-2222

3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.4%

top 41.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Data Synchronizer Novell Mobility Pack

Timeline

PublishedAug 9

Latest updateMay 17

Description

Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDnovell/mobility_pack4 versions+3

▶NVDnovell/data_synchronizer4 versions+3

🔴Vulnerability Details

GHSA

GHSA-65x9-pc8h-m22g: Session fixation vulnerability in WebAdmin in the Mobility Pack before 1↗2022-05-17

▶

CVEList

CVE-2011-2222: Session fixation vulnerability in WebAdmin in the Mobility Pack before 1↗2011-08-09

▶