Total
353 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-24823 | 1 Graylog | 1 Graylog | 2024-11-21 | 5.7 Medium |
| Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the pre-existing session could be used to gain elevated access to an existing Graylog login session, provided the malicious user could successfully inject their session cookie into someone else's browser. The complexity of such an attack is high, because it requires presenting a spoofed login screen and injection of a session cookie into an existing browser, potentially through a cross-site scripting attack. No such attack has been discovered. Graylog 5.1.11 and 5.2.4, and any versions of the 6.0 development branch, contain patches to not re-use sessions under any circumstances. Some workarounds are available. Using short session expiration and explicit log outs of unused sessions can help limiting the attack vector. Unpatched this vulnerability exists, but is relatively hard to exploit. A proxy could be leveraged to clear the `authentication` cookie for the Graylog server URL for the `/api/system/sessions` endpoint, as that is the only one vulnerable. | ||||
| CVE-2024-24552 | 1 Bludit | 1 Bludit | 2024-11-21 | N/A |
| A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing. | ||||
| CVE-2024-23679 | 1 Enonic | 1 Xp | 2024-11-21 | 9.8 Critical |
| Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes. | ||||
| CVE-2024-23590 | 1 Apache Software Foundation | 1 Apache Kylin | 2024-11-21 | 9.1 Critical |
| Session Fixation vulnerability in Apache Kylin. This issue affects Apache Kylin: from 2.0.0 through 4.x. Users are recommended to upgrade to version 5.0.0 or above, which fixes the issue. | ||||
| CVE-2024-22318 | 1 Ibm | 1 I Access Client Solutions | 2024-11-21 | 5.1 Medium |
| IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091. | ||||
| CVE-2024-22250 | 2024-11-21 | 7.8 High | ||
| Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system. | ||||
| CVE-2024-0351 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2024-11-21 | 3.1 Low |
| A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250119. | ||||
| CVE-2023-6913 | 1 Imoulife | 1 Imou Life | 2024-11-21 | 8.1 High |
| A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView without prompting or displaying it to the user. This vulnerability could trigger phishing attacks. | ||||
| CVE-2023-5309 | 1 Puppet | 1 Puppet Enterprise | 2024-11-21 | 6.8 Medium |
| Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. | ||||
| CVE-2023-52353 | 1 Arm | 1 Mbed Tls | 2024-11-21 | 7.5 High |
| An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum. | ||||
| CVE-2023-50941 | 1 Ibm | 1 Powersc | 2024-11-21 | 6.3 Medium |
| IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131. | ||||
| CVE-2023-50920 | 2 Gl-inet, Gl.inet | 36 Gl-a1300, Gl-a1300 Firmware, Gl-ar300m and 33 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or perform unauthorized actions. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. | ||||
| CVE-2023-4649 | 1 Instantcms | 1 Instantcms | 2024-11-21 | 5.4 Medium |
| Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1. | ||||
| CVE-2023-49804 | 2 Dockge.kuma, Uptime.kuma | 2 Dockge, Uptime Kuma | 2024-11-21 | 6.7 Medium |
| Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, when a user changes their login password in Uptime Kuma, a previously logged-in user retains access without being logged out. This behavior persists consistently, even after system restarts or browser restarts. This vulnerability allows unauthorized access to user accounts, compromising the security of sensitive information. The same vulnerability was partially fixed in CVE-2023-44400, but logging existing users out of their accounts was forgotten. To mitigate the risks associated with this vulnerability, the maintainers made the server emit a `refresh` event (clients handle this by reloading) and then disconnecting all clients except the one initiating the password change. It is recommended to update Uptime Kuma to version 1.23.9. | ||||
| CVE-2023-48929 | 1 Franklin-electric | 1 System Sentinel Anyware | 2024-11-21 | 9.8 Critical |
| Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information. | ||||
| CVE-2023-47798 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2024-11-21 | 5.4 Medium |
| Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay DXP 7.2 before fix pack 5, and older unsupported versions does not invalidate existing user sessions, which allows remote authenticated users to remain authenticated after an account has been locked. | ||||
| CVE-2023-46733 | 1 Sensiolabs | 1 Symfony | 2024-11-21 | 6.5 Medium |
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated. | ||||
| CVE-2023-45718 | 1 Hcltech | 1 Sametime | 2024-11-21 | 3.9 Low |
| Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happens, cookie values can remain valid even after a user has closed out their session. | ||||
| CVE-2023-45687 | 1 Southrivertech | 2 Titan Mft Server, Titan Sftp Server | 2024-11-21 | 8.8 High |
| A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing | ||||
| CVE-2023-44400 | 1 Uptime.kuma | 1 Uptime Kuma | 2024-11-21 | 6.7 Medium |
| Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user's device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the issue. | ||||