Predictable Session IDs in Ipswitch IMail 7.04 and Earlier: Remote Session Hijacking Vulnerability

Predictable Session IDs in Ipswitch IMail 7.04 and Earlier: Remote Session Hijacking Vulnerability

CVE-2001-1284 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users.

Learn more about our User Device Pen Test.