6 matches found
EUVD-2018-11786
Malware in sbrugna...
ABB FLXeon Security Bypass Vulnerability
The ABB FLXeon is a series of controllers from ABB Switzerland. ABB FLXeon suffers from a security bypass vulnerability that stems from insufficient session management to prevent unauthorized HTTPS requests. No detailed vulnerability details are provided at this time...
Insufficient Session Expiration
typo3/cms and typo3/cms-core are vulnerable to insecure session management. An attacker is able to bypass authentication when a user resets their password using the corresponding password recovery functionality, as existing sessions for that particular user account are not revoked...
CVE-2019-5638 Rapid7 Nexpose Insufficient Session Management
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential leak, that user...
CVE-2018-1148
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change...
CVE-2018-1148
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change...