7.5

CVE-2009-1634

The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NovellGroupwise Version7.0
NovellGroupwise Version7.0.0 Updatesp1
NovellGroupwise Version7.0.0 Updatesp2
NovellGroupwise Version7.0.2
NovellGroupwise Version7.0.3
NovellGroupwise Version7.03 Updatehp1a
NovellGroupwise Version7.03 Updatehp2
NovellGroupwise Version8.0
NovellGroupwise Version8.0 Updatehp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.22% 0.935
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/35177
Vendor Advisory
http://www.securityfocus.com/bid/35066
http://www.vupen.com/english/advisories/2009/1393
Vendor Advisory
http://www.novell.com/support/viewContent.do?externalId=7003266&sliceId=1
Vendor Advisory
https://bugzilla.novell.com/show_bug.cgi?id=472979
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50688