CVE-2015-2029

3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 52.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Extreme Scale
Timeline
PublishedOct 4
Latest updateMay 17

Description

Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/websphere_extreme_scale7.1.0, 7.1.0.2, 7.1.1+2

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-q8p9-9xvp-pvfh: Session fixation vulnerability in IBM WebSphere eXtreme Scale 72022-05-17
CVEList
CVE-2015-2029: Session fixation vulnerability in IBM WebSphere eXtreme Scale 72015-10-04
CVE-2015-2029 (MEDIUM CVSS 4.3) | Session fixation vulnerability in I | cvebase.io