Unrated severityNVD Advisory· Published May 26, 2009· Updated Apr 23, 2026

CVE-2009-1634

Description

The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.

Affected products

Novell/Groupwise9 versions
cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:7.0.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:7.0.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:7.03:hp2:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.0:hp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/35177nvdVendor Advisory
www.novell.com/support/viewContent.donvdVendor Advisory
www.vupen.com/english/advisories/2009/1393nvdVendor Advisory
bugzilla.novell.com/show_bug.cginvdVendor Advisory
www.securityfocus.com/bid/35066nvd
exchange.xforce.ibmcloud.com/vulnerabilities/50688nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000