7 matches found
GHSA-6247-7862-Q2PQ Apache Helix Front (UI) component contained a hard-coded secret
The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front UI: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are...
Apache Helix Front (UI) component contained a hard-coded secret
The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front UI: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are...
CVE-2024-22281
UNSUPPORTED WHEN ASSIGNED The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front UI: all versions. As this project is retired, we do not plan to release a version that...
CVE-2024-22281 Apache Helix Front (UI): Helix front hard-coded secret in the express-session
UNSUPPORTED WHEN ASSIGNED The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front UI: all versions. As this project is retired, we do not plan to release a version that...
CVE-2024-22281
The CVE-2024-22281 entry concerns Apache Helix Front (UI). The vulnerability is caused by a hard-coded secret in the express-session usage, enabling session spoofing via forged cookies across all versions of the Front UI. Public details state that the project is retired and no fix will be release...
CVE-2024-22281 Apache Helix Front (UI): Helix front hard-coded secret in the express-session
UNSUPPORTED WHEN ASSIGNED The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front UI: all versions. As this project is retired, we do not plan to release a version that...
PT-2024-19302 · Apache · Apache Helix Front
Name of the Vulnerable Software and Affected Versions: Apache Helix Front UI versions all Description: The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects products that are no longer...