Lucene search
RedhatCVELIST:CVE-2020-10714HistorySep 23, 2020 - 12:28 p.m.
CVE-2020-10714
2020-09-2312:28:17
CWE-384
redhat
www.cve.org
7
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CNA Affected
[
{
"product": "wildfly-elytron",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "wildfly-elytron 1.10.7.Final"
}
]
}
]Related
osv
osv
CVE-2020-10714
2020-09-23 13:15:15
Session Fixation in WildFly Elytron
2022-02-15 01:39:57
redhatcve
redhatcve
CVE-2020-10714
2020-04-28 04:34:41
github
github
Session Fixation in WildFly Elytron
2022-02-15 01:39:57
cve
cve
CVE-2020-10714
2020-09-23 13:15:15
prion
prion
Session fixation
2020-09-23 13:15:00
veracode
veracode
Session Fixation
2020-08-18 02:03:58
nvd
nvd
CVE-2020-10714
2020-09-23 13:15:15
redhat
redhat
(RHSA-2020:3539) Important: Red Hat build of Thorntail 2.7.1 security and bug fix update
2020-09-02 09:43:23
(RHSA-2020:4961) Moderate: Red Hat Process Automation Manager 7.9.0 security update
2020-11-05 18:44:42
(RHSA-2020:4960) Moderate: Red Hat Decision Manager 7.9.0 security update
2020-11-05 18:43:06
nessus
nessus