CVE-2014-8391

Published: 02/06/2015 Updated: 09/10/2018

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 405

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

The Web interface in Sendio prior to 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of requests.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sendio sendio

1 Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: wwwcoresecuritycom/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio Release mode: Coordinated release 2 Vulnerability Inf ...

Core Security Technologies Advisory - Sendio ESP (E-mail Security Platform) is a network appliance which provides anti-spam and anti-virus solutions for enterprises Two information disclosure issues were found affecting some versions of this software, and can lead to leakage of sensitive information such as user's session identifiers and/or user's ...

CWE-200 http://packetstormsecurity.com/files/132022/Sendio-ESP-Information-Disclosure.html https://www.exploit-db.com/exploits/37114/http://www.sendio.com/software-release-history/http://seclists.org/fulldisclosure/2015/May/95 http://www.securityfocus.com/archive/1/535592/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/37114/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-8391

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect