Vulnerabilities > CVE-2008-0915 - Cross-Site Scripting vulnerability in IPdiva SSL VPN
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |