CVE-2016-5747

CWE-284Improper Access Control3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 44.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Edirectory
Timeline
PublishedMar 23
Latest updateMay 17

Description

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5novell_edirectoryNovell eDirectory

🔴Vulnerability Details

2
GHSA
GHSA-vq5q-gm94-4cqm: A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 92022-05-17
CVEList
CVE-2016-5747: A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 92017-03-23
CVE-2016-5747 (HIGH CVSS 7.5) | A security vulnerability in cookie | cvebase.io