Back to search
CVE-2003-1312
Published: Dec 15, 2006
Modified: Aug 8, 2024
PUBLISHED
Description
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[curl-users] 20030529 Re: https, redirection and authentication using POST
mailing-list
x_refsource_MLIST
30741
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now