PT-2012-5671 · Pattern Insight · Pattern Insight

Published

2012-11-18

·

Updated

2017-08-29

·

CVE-2012-4937

CVSS v2.0

6.8

Medium

VectorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Pattern Insight version 2.3
Description The issue allows remote attackers to hijack web sessions. This is achieved via a jsession id cookie in the web interface.
Recommendations For Pattern Insight version 2.3, update to a version that fixes this issue to prevent session hijacking.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2012-4937

Affected Products

Pattern Insight