Idera Server Backup Manager (R1Soft) – Session Fixation Vulnerability

Idera Server Backup Manager is affordable, high-performance, disk-to-disk backup software for Linux and Windows servers. (This software was previously more commonly known as R1Soft Backup.)

Vulnerability Description:

A malicious user can clone an authenticated user or admin session, which could result in unauthorized access.

Impact:

The vulnerability was rated HIGH because unauthorized access could be obtained.

Vulnerable Version:

This vulnerability is believed to exist in all previous versions.

Fixed Version:

This vulnerability was patched in Idera Server Backup Manager (R1Soft) v5.8.1.
