CVE-2014-2509
EMC Smarts Network Configuration Manager < 9.3 - Session Fixation in Report Advisor
Title source: llmDescription
Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie.
References (5)
Core 5
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59423
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/127301/EMC-Network-Configuration-Manager-NCM-Session-Fixation.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030494
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-06/0168.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/533077/100/0/threaded
Scores
EPSS
0.0027
EPSS Percentile
51.0%
Details
Status
published
Products (2)
emc/smarts_network_configuration_manager
9.1
emc/smarts_network_configuration_manager
< 9.2
Published
Jul 01, 2014
Tracked Since
Feb 18, 2026