Total
300 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-42345 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-09-10 | N/A | 4.3 MEDIUM |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment. | |||||
| CVE-2023-38018 | 1 Ibm | 1 Aspera Shares | 2024-08-29 | N/A | 5.4 MEDIUM |
| IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574. | |||||
| CVE-2020-8826 | 1 Argoproj | 1 Argo Cd | 2024-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| As of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication tokens, once issued, were usable forever without expiration—there was no refresh or forced re-authentication. | |||||
| CVE-2017-11191 | 1 Freeipa | 1 Freeipa | 2024-08-05 | 6.5 MEDIUM | 8.8 HIGH |
| FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID (for the same user account) that had been created for an earlier session. NOTE: Vendor states that issue does not exist in product and does not recognize this report as a valid security concern | |||||
| CVE-2018-11567 | 1 Amazon | 10 Echo, Echo Dot, Echo Dot Firmware and 7 more | 2024-08-05 | 4.3 MEDIUM | 3.3 LOW |
| Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work. | |||||
| CVE-2021-41553 | 1 Archibus | 1 Web Central | 2024-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web Application in /archibus/login.axvw assign a session token that could be already in use by another user. It was therefore possible to access the application through a user whose credentials were not known, without any attempt by the testers to modify the application logic. It is also possible to set the value of the session token, client-side, simply by making an unauthenticated GET Request to the Home Page and adding an arbitrary value to the JSESSIONID field. The application, following the login, does not assign a new token, continuing to keep the inserted one, as the identifier of the entire session. This is fixed in all recent versions, such as version 26. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Version 21.3 was officially de-supported by the end of 2020 | |||||
| CVE-2024-2639 | 2024-05-17 | N/A | N/A | ||
| A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to session fixiation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-0351 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2024-05-17 | N/A | 3.5 LOW |
| A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250119. | |||||
| CVE-2014-125048 | 1 Kluks | 1 Xingwall | 2024-05-17 | N/A | 5.4 MEDIUM |
| A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue affects some unknown processing of the file app/controllers/oauth.js. The manipulation leads to session fixiation. The patch is named e9f0d509e1408743048e29d9c099d36e0e1f6ae7. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217559. | |||||
| CVE-2019-11213 | 2 Ivanti, Pulsesecure | 3 Connect Secure, Pulse Connect Secure, Pulse Secure Desktop Client | 2024-02-27 | 6.8 MEDIUM | 8.1 HIGH |
| In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3. | |||||
| CVE-2021-2351 | 1 Oracle | 111 Advanced Networking Option, Agile Engineering Data Management, Agile Plm and 108 more | 2024-02-16 | 5.1 MEDIUM | 8.3 HIGH |
| Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. Note: The July 2021 Critical Patch Update introduces a number of Native Network Encryption changes to deal with vulnerability CVE-2021-2351 and prevent the use of weaker ciphers. Customers should review: "Changes in Native Network Encryption with the July 2021 Critical Patch Update" (Doc ID 2791571.1). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). | |||||
| CVE-2024-24823 | 1 Graylog | 1 Graylog | 2024-02-15 | N/A | 4.4 MEDIUM |
| Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the pre-existing session could be used to gain elevated access to an existing Graylog login session, provided the malicious user could successfully inject their session cookie into someone else's browser. The complexity of such an attack is high, because it requires presenting a spoofed login screen and injection of a session cookie into an existing browser, potentially through a cross-site scripting attack. No such attack has been discovered. Graylog 5.1.11 and 5.2.4, and any versions of the 6.0 development branch, contain patches to not re-use sessions under any circumstances. Some workarounds are available. Using short session expiration and explicit log outs of unused sessions can help limiting the attack vector. Unpatched this vulnerability exists, but is relatively hard to exploit. A proxy could be leveraged to clear the `authentication` cookie for the Graylog server URL for the `/api/system/sessions` endpoint, as that is the only one vulnerable. | |||||
| CVE-2022-2820 | 1 Namelessmc | 1 Nameless | 2024-02-09 | N/A | 8.2 HIGH |
| Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2. | |||||
| CVE-2023-50941 | 1 Ibm | 1 Powersc | 2024-02-02 | N/A | 5.4 MEDIUM |
| IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131. | |||||
| CVE-2022-46480 | 1 U-tec | 2 Ultraloq Ul3 Bt, Ultraloq Ul3 Bt Firmware | 2024-01-16 | N/A | 8.1 HIGH |
| Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range. | |||||
| CVE-2022-43398 | 1 Siemens | 4 7kg9501-0aa01-2aa1, 7kg9501-0aa01-2aa1 Firmware, 7kg9501-0aa31-2aa1 and 1 more | 2024-01-09 | N/A | 8.8 HIGH |
| A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session. | |||||
| CVE-2023-6913 | 1 Imoulife | 1 Imou Life | 2023-12-28 | N/A | 8.1 HIGH |
| A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView without prompting or displaying it to the user. This vulnerability could trigger phishing attacks. | |||||
| CVE-2019-10158 | 2 Infinispan, Redhat | 2 Infinispan, Jboss Data Grid | 2023-12-27 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling. | |||||
| CVE-2023-49804 | 2 Dockge.kuma, Uptime.kuma | 2 Dockge, Uptime Kuma | 2023-12-14 | N/A | 7.8 HIGH |
| Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, when a user changes their login password in Uptime Kuma, a previously logged-in user retains access without being logged out. This behavior persists consistently, even after system restarts or browser restarts. This vulnerability allows unauthorized access to user accounts, compromising the security of sensitive information. The same vulnerability was partially fixed in CVE-2023-44400, but logging existing users out of their accounts was forgotten. To mitigate the risks associated with this vulnerability, the maintainers made the server emit a `refresh` event (clients handle this by reloading) and then disconnecting all clients except the one initiating the password change. It is recommended to update Uptime Kuma to version 1.23.9. | |||||
| CVE-2023-48929 | 1 Franklin-electric | 1 System Sentinel Anyware | 2023-12-12 | N/A | 9.8 CRITICAL |
| Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information. | |||||