Lucene search
Veracode Vulnerability DatabaseVERACODE:42472HistoryAug 06, 2023 - 10:02 p.m.
Improper Session Handling
2023-08-0622:02:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
fusiondirectory
improper session handling
validation
authorization
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
66.3%
fusiondirectory is vulnerable to Improper Session Handling. The vulnerability exists due to lack of validations in fusiondirectory package which allows an attacker to reuse old session credentials or session IDs for authorization.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fusiondirectory:buster | eq | 1.2.3-4+deb10u1 | |
| fusiondirectory:buster | eq | 1.2.3-4+deb10u1 |
Related
prion
prion
Design/Logic Flaw
2022-11-22 01:15:00
nvd
nvd
CVE-2022-36179
2022-11-22 01:15:30
cve
cve
CVE-2022-36179
2022-11-22 01:15:30
ubuntucve
ubuntucve
CVE-2022-36179
2022-11-22 00:00:00
debiancve
debiancve
CVE-2022-36179
2022-11-22 01:15:30
cnvd
cnvd
FusionDIrectory has an unspecified vulnerability
2022-11-24 00:00:00
cvelist
cvelist
CVE-2022-36179
2022-11-22 00:00:00
osv
osv
fusiondirectory - security update
2023-07-08 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0352)
2023-12-20 00:00:00
Debian: Security Advisory (DLA-3487-1)
2023-07-10 00:00:00
mageia
mageia
Updated fusiondirectory packages fix security vulnerabilities
2023-12-19 22:08:39
nessus
nessus
Debian DLA-3487-1 : fusiondirectory - LTS security update
2023-07-08 00:00:00
debian
debian
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
66.3%
Related for VERACODE:42472