Vulnerabilities > EMC > Secure Remote Services > 3.04
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-07-05 | CVE-2015-0544 | Session Cookie Generation Weakness vulnerability in EMC Secure Remote Services 3.02/3.03/3.04 EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value. | 9.3 |
2015-07-05 | CVE-2015-0543 | Improper Input Validation vulnerability in EMC Secure Remote Services 3.02/3.03/3.04 EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |