Total
300 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5309 | 1 Puppet | 1 Puppet Enterprise | 2023-11-15 | N/A | 9.8 CRITICAL |
| Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. | |||||
| CVE-2021-42073 | 1 Barrier Project | 1 Barrier | 2023-11-13 | 5.8 MEDIUM | 8.2 HIGH |
| An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state with the barriers component (aka the server-side implementation of Barrier) simply by supplying a client label that identifies a valid client configuration. This label is "Unnamed" by default but could instead be guessed from hostnames or other publicly available information. In the active session state, an attacker can capture input device events from the server, and also modify the clipboard content on the server. | |||||
| CVE-2023-0897 | 1 Sielco | 6 Polyeco1000, Polyeco1000 Firmware, Polyeco300 and 3 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests. | |||||
| CVE-2021-42761 | 1 Fortinet | 1 Fortiweb | 2023-11-07 | N/A | 9.8 CRITICAL |
| A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 through 6.0.7, 5.9.0 through 5.9.1 may allow a remote, unauthenticated attacker to infer the session identifier of other users and possibly usurp their session. | |||||
| CVE-2021-35046 | 1 Icehrm | 1 Icehrm | 2023-11-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS which allows an attacker to hijack a valid user session via a crafted session cookie. | |||||
| CVE-2020-9370 | 1 Humaxdigital | 2 Hga12r-02, Hga12r-02 Firmware | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking. | |||||
| CVE-2020-8434 | 1 Jenzabar | 1 Internet Campus Solution | 2023-11-07 | 5.0 MEDIUM | 9.8 CRITICAL |
| Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode it to a client-side cookie for persistent session authentication. By knowing the key and algorithm, an attacker can select any username, encrypt it, base64 encode it, and save it in their browser with the correct JICSLoginCookie cookie format to impersonate any real user in the JICS database without the need for authenticating (or verifying with MFA if implemented). | |||||
| CVE-2020-1762 | 2 Kiali, Redhat | 2 Kiali, Openshift Service Mesh | 2023-11-07 | 7.5 HIGH | 8.6 HIGH |
| An insufficient JWT validation vulnerability was found in Kiali versions 0.4.0 to 1.15.0 and was fixed in Kiali version 1.15.1, wherein a remote attacker could abuse this flaw by stealing a valid JWT cookie and using that to spoof a user session, possibly gaining privileges to view and alter the Istio configuration. | |||||
| CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 3.8 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | |||||
| CVE-2019-17563 | 5 Apache, Canonical, Debian and 2 more | 11 Tomcat, Ubuntu Linux, Debian Linux and 8 more | 2023-11-07 | 5.1 MEDIUM | 7.5 HIGH |
| When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. | |||||
| CVE-2019-10084 | 1 Apache | 1 Impala | 2023-11-07 | 4.6 MEDIUM | 7.5 HIGH |
| In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-constructed request and thereby potentially bypass authorization and audit mechanisms. Session and query IDs are unique and random, but have not been documented or consistently treated as sensitive secrets. Therefore they may be exposed in logs or interfaces. They were also not generated with a cryptographically secure random number generator, so are vulnerable to random number generator attacks that predict future IDs based on past IDs. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. | |||||
| CVE-2018-5385 | 1 Navarino | 1 Infinity | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is present in some installations. | |||||
| CVE-2018-17199 | 5 Apache, Canonical, Debian and 2 more | 6 Http Server, Ubuntu Linux, Debian Linux and 3 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded. | |||||
| CVE-2018-12538 | 2 Eclipse, Netapp | 12 Jetty, E-series Santricity Management Plug-ins, E-series Santricity Os Controller and 9 more | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore. | |||||
| CVE-2018-11385 | 3 Debian, Fedoraproject, Sensiolabs | 3 Debian Linux, Fedora, Symfony | 2023-11-07 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker. | |||||
| CVE-2017-5656 | 1 Apache | 1 Cxf | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user. | |||||
| CVE-2017-3968 | 1 Mcafee | 2 Network Data Loss Prevention, Network Security Manager | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers to disclose sensitive information or manipulate the database via a crafted authentication cookie. | |||||
| CVE-2017-12619 | 1 Apache | 1 Zeppelin | 2023-11-07 | 5.8 MEDIUM | 8.1 HIGH |
| Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone". | |||||
| CVE-2016-9574 | 1 Mozilla | 1 Network Security Services | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA. | |||||
| CVE-2016-8638 | 1 Ipsilon Project | 1 Ipsilon | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a "SAML2 multi-session vulnerability." | |||||