Total
238 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14387 | 1 Wondercms | 1 Wondercms | 2018-09-19 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web application and record the associated session identifier. The attacker then causes the victim to authenticate against the server using the same session identifier. The attacker can access the user's account through the active session. The Session Fixation attack fixes a session on the victim's browser, so the attack starts before the user logs in. | |||||
| CVE-2018-1000519 | 1 Aio-libs Project | 1 Aiohttp | 2018-08-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| aio-libs aiohttp-session contains a Session Fixation vulnerability in load_session function for RedisStorage (see: https://github.com/aio-libs/aiohttp-session/blob/master/aiohttp_session/redis_storage.py#L42) that can result in Session Hijacking. This attack appear to be exploitable via Any method that allows setting session cookies (?session=<>, or meta tags or script tags with Set-Cookie). | |||||
| CVE-2018-1000602 | 1 Jenkins | 1 Saml | 2018-08-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another users if they can control the pre-authentication session. | |||||
| CVE-2018-12071 | 1 Codeigniter | 1 Codeigniter | 2018-08-10 | 7.5 HIGH | 9.8 CRITICAL |
| A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled. | |||||
| CVE-2018-11714 | 1 Tp-link | 4 Tl-wr840n, Tl-wr840n Firmware, Tl-wr841n and 1 more | 2018-07-31 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action. | |||||
| CVE-2018-11567 | 1 Amazon | 10 Echo, Echo Dot, Echo Dot Firmware and 7 more | 2018-07-05 | 4.3 MEDIUM | 3.3 LOW |
| ** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work." | |||||
| CVE-2017-12868 | 2 Php, Simplesamlphp | 2 Php, Simplesamlphp | 2018-06-30 | 7.5 HIGH | 9.8 CRITICAL |
| The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation. | |||||
| CVE-2018-11474 | 1 Monstra | 1 Monstra | 2018-06-28 | 6.0 MEDIUM | 8.0 HIGH |
| Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser. | |||||
| CVE-2018-11475 | 1 Monstra | 1 Monstra | 2018-06-28 | 6.0 MEDIUM | 8.0 HIGH |
| Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser. | |||||
| CVE-2018-11571 | 1 Clippercms | 1 Clippercms | 2018-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| ClipperCMS 1.3.3 allows Session Fixation. | |||||
| CVE-2018-10252 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2018-06-20 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session cookie is insecurely generated making admin session hijacking possible. When an admin logs in, a session cookie is generated using the time of day rounded to 10ms. Since the web server returns its current time of day in responses, it is possible to step backward through possible session values until a working one is found. Once a working session ID is found, an attacker then has admin control of the device and can add a secondary SSID to create a backdoor to the network. | |||||
| CVE-2018-1148 | 1 Tenable | 1 Nessus | 2018-06-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change. | |||||
| CVE-2018-1000173 | 1 Jenkins | 1 Google Login | 2018-06-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| A session fixaction vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session. | |||||
| CVE-2013-2049 | 1 Redhat | 1 Cloudforms Management Engine | 2018-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret. | |||||
| CVE-2018-0564 | 1 Lockon | 1 Ec-cube | 2018-05-24 | 5.8 MEDIUM | 8.1 HIGH |
| Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3..4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE 3.0.12-p1, EC-CUBE 3.0.13, EC-CUBE 3.0.14, EC-CUBE 3.0.15) allows remote attackers to perform arbitrary operations via unspecified vectors. | |||||
| CVE-2018-6959 | 1 Vmware | 1 Vrealize Automation | 2018-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session IDs. Exploitation of this issue may lead to the hijacking of a valid vRA user's session. | |||||
| CVE-2017-18125 | 1 Qualcomm | 18 Mdm9206, Mdm9206 Firmware, Mdm9607 and 15 more | 2018-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers. The TEE application which uses secure camera expects those buffers to contain data captured during the current camera session. It is possible though for HLOS to put aside and reuse one or more of the protected buffers with previously captured data during next camera session. Such data reuse must be prevented as the TEE applications expects to receive valid data captured during the current session only. | |||||
| CVE-2017-11562 | 1 Mt4 | 1 Senhasegura | 2018-01-12 | 6.8 MEDIUM | 8.8 HIGH |
| A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8 via login_if.php. | |||||
| CVE-2017-1270 | 1 Ibm | 1 Security Guardium | 2018-01-03 | 2.1 LOW | 3.3 LOW |
| IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 124745. | |||||
| CVE-2017-10890 | 1 Sharp | 10 Rx-clv1-p, Rx-clv1-p Firmware, Rx-clv2-b and 7 more | 2017-12-08 | 4.3 MEDIUM | 4.6 MEDIUM |
| Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors. | |||||