Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Insecure Session Management

šŸ—“ļøĀ 16 Nov 2022Ā 04:07:39Reported byĀ Veracode Vulnerability DatabaseTypeĀ 
veracode
Ā veracodešŸ”—Ā sca.analysiscenter.veracode.comšŸ‘Ā 28Ā Views

Concrete CMS vulnerability session management issue in GenericOauthTypeController.ph

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl		CVE-2022-43687
16 Nov 202207:54
ā€“circl
CNNVD		PortlandLabs Concrete CMS ęŽˆęƒé—®é¢˜ę¼ę“ž
14 Nov 202200:00
ā€“cnnvd
CVE		CVE-2022-43687
14 Nov 202200:00
ā€“cve
Cvelist		CVE-2022-43687
14 Nov 202200:00
ā€“cvelist
EUVD		EUVD-2022-7379
3 Oct 202520:07
ā€“euvd
Github Security Blog		Concrete CMS vulnerable to Session Fixation
15 Nov 202212:00
ā€“github
NVD		CVE-2022-43687
14 Nov 202223:15
ā€“nvd
OSV		GHSA-M53V-5X5X-5M2P Concrete CMS vulnerable to Session Fixation
15 Nov 202212:00
ā€“osv
Prion		Authentication flaw
14 Nov 202223:15
ā€“prion
Positive Technologies		PT-2022-27003 Ā· Unknown Ā· Concrete Cms
14 Nov 202200:00
ā€“ptsecurity
Rows per page
Vulners
Node
intelconcrete5/coreRange8.2.0ā€“8.5.9php
OR
intelconcrete5/coreRange9.0.0RC1ā€“9.1.2php
OR
concrete5concrete5/concrete5Range5.7.1ā€“8.5.9php
OR
concrete5concrete5/concrete5Range9.0.0RC1ā€“9.1.2php
SourceLink
githubwww.github.com/concretecms/concretecms/pull/10991
documentationwww.documentation.concretecms.org/developers/introduction/version-history/8510-release-notes
documentationwww.documentation.concretecms.org/developers/introduction/version-history/913-release-notes
githubwww.github.com/concretecms/concretecms/commit/87d0966e2654bfb6e2a0a459a670926a72bf73bb
githubwww.github.com/concretecms/concretecms/commit/92e0025f229e4b237b7d53507f771c2f9027fba3
githubwww.github.com/concretecms/concretecms-core/commit/94beb230c8c4b138ec3c6265b5037fd5ad08bb22
githubwww.github.com/concretecms/concretecms-core/commit/6f9e32b8ebdfcc79d47df57785e7ea9109fe60b7
githubwww.github.com/advisories/GHSA-m53v-5x5x-5m2p
githubwww.github.com/concretecms/concretecms/releases/8.5.10
githubwww.github.com/concretecms/concretecms/releases/9.1.3
Rows per page

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Nov 2022 16:03Current
5.4Medium risk
Vulners AI Score5.4
CVSS 3.15.4
EPSS0.00584
concrete cmsvulnerabilitysession managementgenericoauthtypecontroller.phpoauthauthentication
28