Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 7:46 a.m.8 views

CVE-2024-28144

An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user...

5.5CVSS6.9AI score0.00244EPSS
Exploits0References1
nvd
nvd
added 2024/12/12 2:15 p.m.14 views

CVE-2024-28144

An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user...

5.5CVSS0.00244EPSS
Exploits0References3
cvelist
cvelist
added 2024/12/12 1:24 p.m.31 views

CVE-2024-28144 Broken Access Control

An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user...

0.00244EPSS
Exploits0References2
cve
cve
added 2024/12/12 1:24 p.m.52 views

CVE-2024-28144

CVE-2024-28144 describes a flaw in a self-developed session management that allows session takeover when an attacker can spoof the IP address and User-Agent of a logged-in user. Two users on the same IP can be logged in as the other user. Connected sources identify Image Access Scan2Net as affect...

5.5CVSS6.5AI score0.00244EPSS
Exploits0References3
Rows per page
Query Builder