Total
314 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-13229 | 1 Sysax | 1 Multi Server | 2024-08-04 | 8.8 High |
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token. | ||||
CVE-2020-12467 | 1 Intelliants | 1 Subrion | 2024-08-04 | 6.5 Medium |
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie. | ||||
CVE-2020-12258 | 1 Rconfig | 1 Rconfig | 2024-08-04 | 9.1 Critical |
rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in conjunction with CVE-2020-12256 or CVE-2020-12259. | ||||
CVE-2020-11728 | 2 Davical, Debian | 2 Andrew\'s Web Libraries, Debian Linux | 2024-08-04 | 7.5 High |
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session. | ||||
CVE-2020-11729 | 2 Davical, Debian | 2 Andrew\'s Web Libraries, Debian Linux | 2024-08-04 | 9.8 Critical |
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful. | ||||
CVE-2020-10714 | 2 Netapp, Redhat | 13 Oncommand Insight, Codeready Studio, Descision Manager and 10 more | 2024-08-04 | 7.5 High |
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
CVE-2020-9370 | 1 Humaxdigital | 2 Hga12r-02, Hga12r-02 Firmware | 2024-08-04 | 9.1 Critical |
HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking. | ||||
CVE-2020-8990 | 1 Western Digital | 2 Ibi, My Cloud Home | 2024-08-04 | 9.1 Critical |
Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation. | ||||
CVE-2020-8434 | 1 Jenzabar | 1 Internet Campus Solution | 2024-08-04 | 9.8 Critical |
Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode it to a client-side cookie for persistent session authentication. By knowing the key and algorithm, an attacker can select any username, encrypt it, base64 encode it, and save it in their browser with the correct JICSLoginCookie cookie format to impersonate any real user in the JICS database without the need for authenticating (or verifying with MFA if implemented). | ||||
CVE-2020-6824 | 1 Mozilla | 1 Firefox | 2024-08-04 | 2.8 Low |
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75. | ||||
CVE-2020-6302 | 1 Sap | 1 Commerce | 2024-08-04 | 8.1 High |
SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application. | ||||
CVE-2020-6290 | 1 Sap | 1 Disclosure Management | 2024-08-04 | 6.3 Medium |
SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID. | ||||
CVE-2020-5894 | 1 F5 | 1 Nginx Controller | 2024-08-04 | 8.1 High |
On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out. | ||||
CVE-2020-5654 | 1 Mitsubishielectric | 10 Melsec Iq-rd81dl96, Melsec Iq-rd81dl96 Firmware, Melsec Iq-rd81mes96n and 7 more | 2024-08-04 | 7.5 High |
Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | ||||
CVE-2020-5645 | 1 Mitsubishielectric | 6 Coreos, Gt1450-qlbde, Gt1450-qmbde and 3 more | 2024-08-04 | 7.5 High |
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | ||||
CVE-2020-5596 | 1 Mitsubishielectric | 4 Coreos, Got2000 Gt23, Got2000 Gt25 and 1 more | 2024-08-04 | 7.5 High |
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) does not properly manage sessions, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. | ||||
CVE-2020-5550 | 1 Plathome | 4 Easyblocks Ipv6, Easyblocks Ipv6 Enterprise, Easyblocks Ipv6 Enterprise Firmware and 1 more | 2024-08-04 | 8.1 High |
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors. | ||||
CVE-2020-5543 | 1 Mitsubishielectric | 2 Iu1-1m20-d, Iu1-1m20-d Firmware | 2024-08-04 | 9.8 Critical |
TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier does not properly manage sessions, which allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | ||||
CVE-2020-5290 | 1 Ctfd | 1 Rctf | 2024-08-04 | 6.5 Medium |
In RedpwnCTF before version 2.3, there is a session fixation vulnerability in exploitable through the `#token=$ssid` hash when making a request to the `/verify` endpoint. An attacker team could potentially steal flags by, for example, exploiting a stored XSS payload in a CTF challenge so that victim teams who solve the challenge are unknowingly (and against their will) signed into the attacker team's account. Then, the attacker can gain points / value off the backs of the victims. This is patched in version 2.3. | ||||
CVE-2020-5205 | 1 Powauth | 1 Pow | 2024-08-04 | 6.5 Medium |
In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability. |