ID CVE-2018-10240
Summary SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user's session.
References
Vulnerable Configurations
  • cpe:2.3:a:solarwinds:serv-u:15.1.6
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-331
CAPEC
  • Session Credential Falsification through Prediction
    This attack targets predictable session IDs in order to gain privileges. The attacker predicts the session ID used during a transaction to perform spoofing and session hijacking.
refmap via4
misc https://www.bishopfox.com/news/2018/05/solarwinds-serv-u-managed-file-transfer-insufficient-session-id-entropy/
Last major update 16-05-2018 - 10:29
Published 16-05-2018 - 10:29
Last modified 25-06-2018 - 13:04