This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie.
By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system.
Credits
Chinamay Joshi of ESDS Software Solution Limited, Maharashtra
