Lucene search
K

172 matches found

Cvelist
Cvelist
added 2023/08/15 6:25 p.m.17 views

CVE-2023-4337 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation...

9.7AI score0.00588EPSS
Exploits0References1
CVE
CVE
added 2023/08/15 6:25 p.m.38 views

CVE-2023-4337

CVE-2023-4337 affects the Broadcom RAID Controller web interface. The vulnerability arises from improper session handling of gateway-installed managed servers. Based on NVD metrics, it is a CRITICAL issue (CVSS v3.1: 9.8) with network access, no user interaction required, and high impact to confi...

9.8CVSS9.6AI score0.00588EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/15 6:25 p.m.11 views

CVE-2023-4337 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation...

7.2AI score0.00588EPSS
Exploits0References1
CVE
CVE
added 2023/08/15 6:21 p.m.46 views

CVE-2023-4323

CVE-2023-4323 affects Broadcom RAID Controller web interface, with the vulnerability in improper session management of active sessions on Gateway setup. The Red Hat and NVD entries corroborate, describing a critical issue (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) that allows network access...

9.8CVSS9.6AI score0.00593EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/15 6:21 p.m.25 views

CVE-2023-4323 Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup...

9.7AI score0.00593EPSS
Exploits0References1
Veracode
Veracode
added 2023/08/06 10:2 p.m.28 views

Improper Session Handling

fusiondirectory is vulnerable to Improper Session Handling. The vulnerability exists due to lack of validations in fusiondirectory package which allows an attacker to reuse old session credentials or session IDs for authorization...

9.8CVSS6.8AI score0.00932EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2023/08/04 6:7 a.m.22 views

Improper Session Management

github.com/answerdev/answer is vulnerable to Improper Session Management. The vulnerability exists in UserLogout function at usercontroller.go due to improper cache handling during the admin logout which allows an attacker to use the token to gain unauthorized access to the application even after...

8.8CVSS7AI score0.00775EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/31 12:0 a.m.6 views

The vulnerability of the Jenkins OpenShift Login plugin, related to improper session management, allows attackers to bypass security restrictions.

The vulnerability of the Jenkins OpenShift Login plugin is related to improper session management. Exploiting this vulnerability allows a malicious actor to bypass security restrictions from a remote location...

10CVSS7.6AI score0.00717EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/07/08 12:0 a.m.25 views

Debian dla-3487 : fusiondirectory - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3487-1 [email protected]...

9.8CVSS7.4AI score0.01064EPSS
Exploits2References8
Veracode
Veracode
added 2023/04/11 10:9 a.m.17 views

Insufficient Session Expiration

grumpydictator/firefly-iii is vulnerable to Insufficient Session Expiration. The vulnerability exists due to improper session configurations in session.php which allows an authenticated remote attacker to reuse session tokens because they do not expire after log out...

9.8CVSS8.8AI score0.00438EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/23 12:0 a.m.6 views

The vulnerability of the EcoStruxure Power Monitoring Expert software lies in its incorrect session duration, which allows an intruder to gain unauthorized access to protected information.

The vulnerability of the EcoStruxure Power Monitoring Expert software is related to incorrect session duration settings. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

6.7CVSS7.6AI score0.00318EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.6 views

The vulnerability of the Symfony software platform for developing and managing web applications lies in improper session management, which allows attackers to execute CSRF attacks.

The vulnerability of the Symfony software platform for developing and managing web applications is related to improper session management. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack from a remote location...

7.5CVSS7.2AI score0.0079EPSS
Exploits0References11Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/10 12:6 p.m.48 views

Security Bulletin: IBM MQ Appliance is vulnerable to improper session invalidation (CVE-2022-40230)

Summary IBM MQ Appliance has resolved an improper session validation vulnerability. Vulnerability Details CVEID:CVE-2022-40230 DESCRIPTION: IBM MQ Appliance does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. CVSS Base score:...

6.5CVSS6.3AI score0.00418EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/25 12:0 a.m.7 views

The vulnerability of the remote access tool for VMware Workspace ONE Assist, related to improper session management, allows a malicious individual to gain unauthorized access to the application.

The vulnerability of the remote access tool for VMware Workspace ONE Assist is related to improper session management. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the application...

10CVSS8.1AI score0.00824EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/11/22 1:15 a.m.6 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.8CVSS9.5AI score
Exploits0References3
OSV
OSV
added 2022/11/22 1:15 a.m.2 views

DEBIAN-CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.8CVSS8.5AI score0.00932EPSS
Exploits1References1
NVD
NVD
added 2022/11/22 1:15 a.m.16 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.8CVSS0.00932EPSS
Exploits1References2
Prion
Prion
added 2022/11/22 1:15 a.m.15 views

Design/Logic Flaw

Fusiondirectory 1.3 suffers from Improper Session Handling...

7.5CVSS9.4AI score0.00932EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/11/22 1:15 a.m.1 views

UBUNTU-CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.8CVSS5.8AI score0.00932EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.27 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.7AI score0.00932EPSS
Exploits1References2
Rows per page
Query Builder