CVE-2011-2222

Novell Data Synchronizer - Info Disclosure

Title source: llm

Description

Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.

References (3)

[Vendor Advisory] http://secunia.com/advisories/45527

[Vendor Advisory] http://www.novell.com/support/viewContent.do?externalId=7009054

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/49069

Scores

EPSS 0.0036

EPSS Percentile 57.9%

Classification

Status draft

Affected Products (8)

novell/data_synchronizer

novell/mobility_pack

Timeline

Published Aug 09, 2011

Tracked Since Feb 18, 2026