Short Name |
HTTP:CA-SSNID-PE |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
CA 2E Web Option Unauthenticated Privilege Escalation |
Release Date |
2017/04/17 |
Update Number |
2868 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
There exists a vulnerability in CA 2E Web Option. Successful Exploitation can lead to unauthenticated privilege escalation via a predictable session token.
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm.