HIGH🇵🇱 Wersja polska

CVE-2016-5747

CVSS 7.5v3.0pub. 2017-03-23upd. 2026-05-13

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Novell Edirectory

    APP
    Novell
    ≤ 9.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2008-5038CRITICAL9.8ten sam produkt

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before...

CVE-2002-2119CRITICAL9.8ten sam produkt

Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to ...

CVE-2017-5186HIGH7.5ten sam produkt

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 ...

CVE-2016-9167HIGH7.5ten sam produkt

NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries corr...

CVE-2009-4653HIGH9.0ten sam produkt

Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authent...