CVE-2014-1984

Cybozu Remote Service Manager <3.1.1 - Session Fixation

Title source: llm

Description

Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors.

References (3)

[Patch, Vendor Advisory] http://cs.cybozu.co.jp/information/20130317notice02.php

[Third Party Advisory, VDB Entry] http://jvn.jp/en/jp/JVN00058727/index.html

[Third Party Advisory, VDB Entry] http://jvndb.jvn.jp/jvndb/JVNDB-2014-000040

Scores

EPSS 0.0056

EPSS Percentile 67.8%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

cybozu/remote_service_manager < 2.3.0

Timeline

Published Apr 19, 2014

Tracked Since Feb 18, 2026