4 matches found
CVE-2023-24477
creationtimestamp| type| source ---|---|--- 2023-08-09 12:16:05+00:00| seen| https://t.me/cibsecurity/68071...
CVE-2023-24477
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session...
CVE-2023-24477 Session Fixation in Guardian/CMC before 22.6.2
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session...
CVE-2023-24477
CVE-2023-24477 affects Nozomi Guardian/CMC; before 22.6.2, due to timing with Chrome, logout does not always fully invalidate the user session. This creates a local, authenticated attacker capability to access the original user session. Connected sources (Siemens/CISA advisories and vendor notes)...