Total
260 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52353 | 1 Arm | 1 Mbed Tls | 2024-02-05 | N/A | 7.5 HIGH |
| An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum. | |||||
| CVE-2023-48929 | 1 Franklin-electric | 1 System Sentinel Anyware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information. | |||||
| CVE-2023-50920 | 1 Gl-inet | 24 Gl-a1300, Gl-a1300 Firmware, Gl-ar300m and 21 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or perform unauthorized actions. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. | |||||
| CVE-2022-46480 | 1 U-tec | 2 Ultraloq Ul3 Bt, Ultraloq Ul3 Bt Firmware | 2024-02-05 | N/A | 8.1 HIGH |
| Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range. | |||||
| CVE-2023-24477 | 1 Nozominetworks | 2 Cmc, Guardian | 2024-02-05 | N/A | 7.0 HIGH |
| In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session. | |||||
| CVE-2023-37946 | 1 Jenkins | 1 Openshift Login | 2024-02-05 | N/A | 8.8 HIGH |
| Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login. | |||||
| CVE-2023-31498 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-02-04 | N/A | 9.8 CRITICAL |
| A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter. | |||||
| CVE-2022-31888 | 1 Enhancesoft | 1 Osticket | 2024-02-04 | N/A | 8.8 HIGH |
| Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2. | |||||
| CVE-2023-3192 | 1 Froxlor | 1 Froxlor | 2024-02-04 | N/A | 5.4 MEDIUM |
| Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0. | |||||
| CVE-2023-28809 | 1 Hikvision | 52 Ds-k1t320efwx, Ds-k1t320efwx Firmware, Ds-k1t320efx and 49 more | 2024-02-04 | N/A | 7.5 HIGH |
| Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user. | |||||
| CVE-2023-3394 | 1 Fossbilling | 1 Fossbilling | 2024-02-04 | N/A | 5.4 MEDIUM |
| Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. | |||||
| CVE-2023-28316 | 1 Rocket.chat | 1 Rocket.chat | 2024-02-04 | N/A | 9.8 CRITICAL |
| A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled. | |||||
| CVE-2023-29019 | 1 Fastify | 1 Passport | 2024-02-04 | N/A | 8.1 HIGH |
| @fastify/passport is a port of passport authentication library for the Fastify ecosystem. Applications using `@fastify/passport` in affected versions for user authentication, in combination with `@fastify/session` as the underlying session management mechanism, are vulnerable to session fixation attacks from network and same-site attackers. fastify applications rely on the `@fastify/passport` library for user authentication. The login and user validation are performed by the `authenticate` function. When executing this function, the `sessionId` is preserved between the pre-login and the authenticated session. Network and same-site attackers can hijack the victim's session by tossing a valid `sessionId` cookie in the victim's browser and waiting for the victim to log in on the website. As a solution, newer versions of `@fastify/passport` regenerate `sessionId` upon login, preventing the attacker-controlled pre-session cookie from being upgraded to an authenticated session. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-22648 | 1 Suse | 1 Rancher | 2024-02-04 | N/A | 8.8 HIGH |
| A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azure AD, for example, to a lower privileged group, or are removed from a group, thus retaining their access to Rancher instead of losing it. This issue affects Rancher: from >= 2.6.7 before < 2.6.13, from >= 2.7.0 before < 2.7.4. | |||||
| CVE-2023-1265 | 1 Gitlab | 1 Gitlab | 2024-02-04 | N/A | 4.5 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The condition allows for a privileged attacker, under certain conditions, to obtain session tokens from all users of a GitLab instance. | |||||
| CVE-2023-30056 | 1 Fico | 1 Origination Manager Decision | 2024-02-04 | N/A | 7.5 HIGH |
| A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie. | |||||
| CVE-2023-2105 | 1 Easyappointments | 1 Easyappointments | 2024-02-04 | N/A | 8.8 HIGH |
| Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2023-32997 | 1 Jenkins | 1 Cas | 2024-02-04 | N/A | 8.8 HIGH |
| Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. | |||||
| CVE-2023-27490 | 1 Nextauth.js | 1 Next-auth | 2024-02-04 | N/A | 8.8 HIGH |
| NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authentication vulnerability. A bad actor who can read traffic on the victim's network or who is able to social engineer the victim to click a manipulated login link could intercept and tamper with the authorization URL to **log in as the victim**, bypassing the CSRF protection. This is due to a partial failure during a compromised OAuth session where a session code is erroneously generated. This issue has been addressed in version 4.20.1. Users are advised to upgrade. Users unable to upgrade may using Advanced Initialization, manually check the callback request for state, pkce, and nonce against the provider configuration to prevent this issue. See the linked GHSA for details. | |||||
| CVE-2022-4231 | 2024-02-04 | N/A | 5.4 MEDIUM | ||
| A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. This issue affects some unknown processing of the component Remember Me Handler. The manipulation leads to session fixiation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214589 was assigned to this vulnerability. | |||||