Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-7347


Vulnerability Score 3.7 3.7
CVE Id CVE-2013-7347
Last Modified 31 Mar 2014 02:23:45
Published 31 Mar 2014 10:58:45
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE



Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2012-3359 for the base64-encoded storage of the user and password in a cookie.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 5


  • Redhat Conga



REDHAT - RHSA-2013:0128

Last Updated: 27 May 2016 11:04:48