Insecure Session ID Generation in EMC SourceOne Email Supervisor before 7.2

Insecure Session ID Generation in EMC SourceOne Email Supervisor before 7.2

CVE-2015-6845 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

EMC SourceOne Email Supervisor before 7.2 does not properly employ random values for session IDs, which makes it easier for remote attackers to obtain access by guessing an ID.

Learn more about our Web Application Penetration Testing UK.