Vulnerabilities > CVE-2014-2509 - Unspecified vulnerability in EMC Smarts Network Configuration Manager 9.1/9.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0168.html
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0168.html
- http://packetstormsecurity.com/files/127301/EMC-Network-Configuration-Manager-NCM-Session-Fixation.html
- http://packetstormsecurity.com/files/127301/EMC-Network-Configuration-Manager-NCM-Session-Fixation.html
- http://secunia.com/advisories/59423
- http://secunia.com/advisories/59423
- http://www.securityfocus.com/archive/1/533077/100/0/threaded
- http://www.securityfocus.com/archive/1/533077/100/0/threaded
- http://www.securitytracker.com/id/1030494
- http://www.securitytracker.com/id/1030494