Total
324 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1000814 | 1 Aiohttp-session Project | 1 Aiohttp-session | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value. | |||||
| CVE-2018-5438 | 1 Philips | 1 Intellispace Cardiovascular | 2024-02-28 | 3.3 LOW | 6.3 MEDIUM |
| Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information. | |||||
| CVE-2017-1693 | 1 Ibm | 1 Integration Bus | 2024-02-28 | 6.8 MEDIUM | 5.6 MEDIUM |
| IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to hijack another users session during a small timeframe before the session times out. IBM X-Force ID: 134164. | |||||
| CVE-2018-10990 | 1 Commscope | 2 Arris Tg1682g, Arris Tg1682g Firmware | 2024-02-28 | 7.5 HIGH | 8.0 HIGH |
| On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time (e.g., "at least for a few minutes"). NOTE: there is no documentation stating that the web UI's logout feature was supposed to do anything beyond removing the cookie from one instance of a web browser; a client-side logout action is often not intended to address cases where a person has made a copy of a cookie outside of a browser. | |||||
| CVE-2018-0152 | 1 Cisco | 1 Ios Xe | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability exists because the affected software does not reset the privilege level for each web UI session. An attacker who has valid credentials for an affected device could exploit this vulnerability by remotely accessing a VTY line to the device. A successful exploit could allow the attacker to access an affected device with the privileges of the user who previously logged in to the web UI. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the HTTP Server feature is enabled and authentication, authorization, and accounting (AAA) authorization is not configured for EXEC sessions. The default state of the HTTP Server feature is version-dependent. This vulnerability was introduced in Cisco IOS XE Software Release 16.1.1. Cisco Bug IDs: CSCvf71769. | |||||
| CVE-2018-7758 | 1 Schneider-electric | 46 Micom P141, Micom P141 Firmware, Micom P142 and 43 more | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
| A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated could lose network communication in case of TCP/IP open requests on port 20000 (DNP3oE) if an older TCI/IP session is still open with identical IP address and port number. | |||||
| CVE-2017-15653 | 1 Asus | 1 Asuswrt | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string. | |||||
| CVE-2017-3966 | 1 Mcafee | 1 Network Security Manager | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
| Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL. | |||||
| CVE-2018-1195 | 1 Cloudfoundry | 3 Capi-release, Cf-deployment, Cf-release | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf-release versions prior to 283, Cloud Controller accepts refresh tokens for authentication where access tokens are expected. This exposes a vulnerability where a refresh token that would otherwise be insufficient to obtain an access token, either due to lack of client credentials or revocation, would allow authentication. | |||||
| CVE-2018-11386 | 2 Debian, Sensiolabs | 2 Debian Linux, Symfony | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources. | |||||
| CVE-2017-12867 | 1 Simplesamlphp | 1 Simplesamlphp | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset. | |||||
| CVE-2017-11667 | 1 Openproject | 1 Openproject | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
| OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session. | |||||
| CVE-2017-1000135 | 1 Mahara | 1 Mahara | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended. | |||||
| CVE-2017-3215 | 1 Milwaukee | 1 One-key | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions. | |||||
| CVE-2015-5171 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Elastic Runtime, Cloud Foundry Uaa | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions. | |||||
| CVE-2017-6145 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more | 2024-02-28 | 7.5 HIGH | 7.3 HIGH |
| iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 includes a service to convert authorization BIGIPAuthCookie cookies to X-F5-Auth-Token tokens. This service does not properly re-validate cookies when making that conversion, allowing once-valid but now expired cookies to be converted to valid tokens. | |||||
| CVE-2017-14007 | 1 Prominent | 2 Multiflex M10a Controller, Multiflex M10a Controller Firmware | 2024-02-28 | 6.8 MEDIUM | 5.6 MEDIUM |
| An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The user's session is available for an extended period beyond the last activity, allowing an attacker to reuse an old session for authorization. | |||||
| CVE-2017-1000136 | 1 Mahara | 1 Mahara | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable to old sessions not being invalidated after a password change. | |||||
| CVE-2017-1000131 | 1 Mahara | 1 Mahara | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to users staying logged in to their Mahara account even when they have been logged out of Moodle (when using MNet) as Mahara did not properly implement one of the MNet SSO API functions. | |||||
| CVE-2017-12159 | 2 Keycloak, Redhat | 3 Keycloak, Enterprise Linux Server, Single Sign On | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. | |||||