PT-2013-5165 · Digital Alert Systems+1 · Dasdec+1

Published: 2013-06-29 · Updated: 2024-08-06 · CVE-2013-4732

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Digital Alert Systems DASDEC EAS device versions 2.0-2 through 2.0-2
Monroe Electronics R189 One-Net EAS device versions 2.0-2 through 2.0-2

Description

The administrative web server uses predictable session ID values, making it easier for remote attackers to hijack sessions by sniffing the network.

Recommendations

For Digital Alert Systems DASDEC EAS device version 2.0-2, consider implementing additional session security measures to prevent hijacking.

For Monroe Electronics R189 One-Net EAS device version 2.0-2, as the issue could not be reproduced, monitor the device for any potential security issues and apply any future patches or updates that may address related problems.

Related Identifiers

CVE-2013-4732

Affected Products

Dasdec
R189 One-Net