CVE-2015-0544

EMC ESRS VE <3.06 - Info Disclosure

Title source: llm
STIX 2.1

Description

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032740
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Jun/132

Scores

EPSS 0.0083
EPSS Percentile 74.7%

Details

Status published
Products (3)
emc/secure_remote_services 3.02
emc/secure_remote_services 3.03
emc/secure_remote_services 3.04
Published Jul 05, 2015
Tracked Since Feb 18, 2026