Vulnerabilities > CVE-2005-2185 - Remote Security vulnerability in Eroom

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
emc

Summary

eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.