CVE Vulnerabilities

CVE-2008-0915

Published: Feb 22, 2008 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookies value.

Affected Software

Name Vendor Start Version End Version
Ipdiva Ipdiva * 2.2.8
Ipdiva Ipdiva * 2.3.2

References