CVE Vulnerabilities

CVE-2010-1507

Published: Sep 03, 2010 | Modified: Sep 06, 2010
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliances image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key.

Affected Software

Name Vendor Start Version End Version
Suse_linux Novell 11 11

References