8 matches found
CVE-2021-29012
DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...
CVE-2022-40916
Tiny File Manager v2.4.7 and below is vulnerable to session fixation...
CVE-2023-30056
A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie...
The vulnerability of the Cisco Discovery Protocol implementation in Cisco Unified Communications Manager (CM) and Cisco Unified Communications Manager Session Management Edition (SME) systems allows a attacker to cause service interruptions.
The vulnerability of the Cisco Discovery Protocol implementation in Cisco Unified Communications Manager CM and Cisco Unified Communications Manager Session Management Edition SME systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could all...
Cisco Unified Communications Manager XML External Expansion Vulnerability
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service DoS condition. The vulnerability ...
DEBIAN-CVE-2008-1390
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...
CVE-2008-1390
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...
CVE-2008-1390
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...