Lucene search
Veracode Vulnerability DatabaseVERACODE:22554HistoryFeb 24, 2020 - 6:03 a.m.
Session Fixation
2020-02-2406:03:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.004 Low
EPSS
Percentile
73.0%
infinispan-spring5-common is vulnerable to session fixation. An improper implementation of the session cookie creation and deletion allows an attacker to gain unauthorized access to the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| infinispan spring 5 common module | le | 10.0.0.Beta3 | |
| infinispan spring 5 common module | le | 9.4.14.Final |
Related
osv
osv
Improper implementation of the session fixation protection in Infinispan
2020-01-21 21:18:44
CVE-2019-10158
2020-01-02 15:15:11
cvelist
cvelist
CVE-2019-10158
2020-01-02 14:28:44
cve
cve
CVE-2019-10158
2020-01-02 15:15:11
github
github
Improper implementation of the session fixation protection in Infinispan
2020-01-21 21:18:44
redhatcve
redhatcve
CVE-2019-10158
2019-06-06 07:20:14
prion
prion
Session fixation
2020-01-02 15:15:00
nvd
nvd
CVE-2019-10158
2020-01-02 15:15:11
redhat
redhat
(RHSA-2019:4037) Important: Red Hat Data Grid 7.3.2 security update
2019-12-02 16:21:52