Description
Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs (aka Session Replay).

This issue affects Avantra: before 25.3.1.
Published: 2026-05-22
Score: 9.6 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an insufficient session expiration flaw in Avantra’s metrics web server that permits reusing session identifiers. An attacker can capture a valid session ID and replay it to gain unauthorized access, potentially assuming the privileges of the original user. This flaw enables unauthorized confidentiality and integrity breaches if the compromised session grants access to sensitive administrative functions.

Affected Systems

The affected product is Avantra from syslink software AG. All deployments running any version prior to 25.3.1 on Linux or Windows are impacted. No specific service version details are provided beyond the major release number.

Risk and Exploitability

The CVSS score of 9.6 indicates a critical severity. Although the EPSS score is not available, the vulnerability’s nature suggests that a remote attacker with network access to the Avantra web interface could exploit it. The issue is not listed in the CISA KEV catalog. Because the flaw permits session replay over the network, it is likely a remote attack vector involving standard web traffic, and the risk to systems that expose the metrics web server to untrusted networks is high.

Generated by OpenCVE AI on May 22, 2026 at 15:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Avantra to version 25.3.1 or newer to apply the vendor fix that enforces proper session expiration.
  • Restrict access to the Avantra metrics web server so that only trusted IPs or networks can reach it, reducing exposure to potential attackers.
  • Enable HTTPS/TLS for all Avantra web traffic and consider enforcing strict session timeout or renewal policies to mitigate session replay risks.


Advisories

No advisories yet.

History

Fri, 22 May 2026 15:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 22 May 2026 15:15:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Syslink Software Ag; Syslink Software Ag avantra

Type: Vendors & Products
Values Removed: (none)
Values Added: Syslink Software Ag; Syslink Software Ag avantra

Fri, 22 May 2026 13:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs (aka Session Replay). This issue affects Avantra: before 25.3.1.

Type: Title
Values Removed: (none)
Values Added: Insecure session handling on metrics web server

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-613

Type: References
Values Removed: (none)
Values Added:

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1
{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: NCSC.ch

Published:

Updated: 2026-05-22T15:05:13.802Z

Reserved: 2026-05-15T11:49:57.345Z

Link: CVE-2026-8670

Vulnrichment

Updated: 2026-05-22T15:05:09.592Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-22T15:45:16Z

Weaknesses