Session Hijacking Vulnerability in EMC Data Domain OS

CVE-2016-0910 · MEDIUM Severity

AV:L/AC:L/AU:S/C:P/I:P/A:P

EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors.

Learn more about our User Device Pen Test.