Lucene search
Alpine Linux Development TeamALPINE:CVE-2019-7350HistoryFeb 04, 2019 - 7:29 p.m.
CVE-2019-7350
2019-02-0419:29:00
Alpine Linux Development Team
security.alpinelinux.org
15
0.001 Low
EPSS
Percentile
31.9%
Session fixation exists in ZoneMinder through 1.32.3, as an attacker can fixate his own session cookies to the next logged-in user, thereby hijacking the victim’s account. This occurs because a set of multiple cookies (between 3 and 5) is being generated when a user successfully logs in, and these sets overlap for successive logins.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
Related
prion
prion
Session fixation
2019-02-04 19:29:00
cve
cve
CVE-2019-7350
2019-02-04 19:29:00
veracode
veracode
Session Fixation
2021-09-30 05:58:34
debiancve
debiancve
CVE-2019-7350
2019-02-04 19:29:00
osv
osv
CVE-2019-7350
2019-02-04 19:29:01
cvelist
cvelist
CVE-2019-7350
2022-10-03 16:19:30
ubuntucve
ubuntucve
CVE-2019-7350
2019-02-04 00:00:00
openvas
openvas
ZoneMinder < 1.34.0 Multiple Vulnerabilities
2019-02-05 00:00:00