CVE-2010-2149

Fujitsu E-pares - Authentication Bypass

Title source: rule

Description

Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors.

References (5)

[Third Party Advisory] http://jvn.jp/en/jp/JVN36925871/index.html

[Third Party Advisory] http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000023.html

[Vendor Advisory] http://secunia.com/advisories/40029

[Vendor Advisory] http://software.fujitsu.com/jp/security/vulnerabilities/jvn-36925871-58439007-82465391.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/40513

Scores

EPSS 0.0034

EPSS Percentile 56.3%

Classification

CWE

CWE-287

Status draft

Affected Products (6)

fujitsu/e-pares

fujitsu/e-pares

fujitsu/e-pares

fujitsu/e-pares

fujitsu/e-pares

fujitsu/e-pares

Timeline

Published Jun 03, 2010

Tracked Since Feb 18, 2026