Lucene search

K

PRIOn knowledge basePRION:CVE-2015-8124

HistoryDec 07, 2015 - 8:59 p.m.

Session fixation

2015-12-0720:59:00

PRIOn knowledge base

www.prio-n.com

5

6.9 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.2%

Session fixation vulnerability in the “Remember Me” login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id.

CPENameOperatorVersion
symfonyeq2.3.21
symfonyeq2.3.14
symfonyeq2.7.5
symfonyeq2.7.4
symfonyeq2.3.27
symfonyeq2.3.0
symfonyeq2.7.1
symfonyeq2.3.15
symfonyeq2.3.6
symfonyeq2.6.1

Rows per page:

1-10 of 541

References

seclists.org/fulldisclosure/2015/Dec/89

www.debian.org/security/2015/dsa-3402

www.securityfocus.com/archive/1/537183/100/0/threaded

www.securityfocus.com/bid/77694

lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html

lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html

symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature

6.9 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.2%

Related for PRION:CVE-2015-8124

osv2 friendsofphp3 ubuntucve1 veracode1 cve1 nvd1 symfony1 github1 debiancve1 cvelist1 debian2 fedora4 nessus3 openvas4