Lucene search
HistoryJun 02, 2014 - 3:55 p.m.
CVE-2012-5395
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.7%
Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauth_Session cookie.
Affected configurations
Node
mediawikimediawikiMatch1.20
Node
mediawikimediawikiMatch1.19
ORmediawikimediawikiMatch1.19beta_1
ORmediawikimediawikiMatch1.19beta_2
ORmediawikimediawikiMatch1.19.1
ORmediawikimediawikiMatch1.19.2
Node
mediawikimediawikiRange≤1.18.5
ORmediawikimediawikiMatch1.18
ORmediawikimediawikiMatch1.18beta_1
ORmediawikimediawikiMatch1.18.0
ORmediawikimediawikiMatch1.18.0rc1
ORmediawikimediawikiMatch1.18.1
ORmediawikimediawikiMatch1.18.2
ORmediawikimediawikiMatch1.18.3
ORmediawikimediawikiMatch1.18.4
Related
cvelist
cvelist
CVE-2012-5395
2014-06-02 15:00:00
prion
prion
Session fixation
2014-06-02 15:55:00
cve
cve
CVE-2012-5395
2014-06-02 15:55:08
nessus
nessus
MediaWiki < 1.18.6 / 1.19.3 / 1.20.1 Multiple Vulnerabilities
2012-12-14 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.7%
Related for NVD:CVE-2012-5395