Lucene search
Veracode Vulnerability DatabaseVERACODE:4588HistoryJul 18, 2017 - 8:26 a.m.
Sessions Hijacking
2017-07-1808:26:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.003
Percentile
71.4%
Moodle is vulnerable to session hijacking attacks. The attack is possible because the application permits the use of empty session IDs, allowing association of an empty ID with more than one instance. This can allow a malicious user to take over another user’s session.
Related
prion
prion
Authentication flaw
2014-07-29 11:10:00
ubuntucve
ubuntucve
CVE-2014-3552
2014-07-29 00:00:00
cvelist
cvelist
CVE-2014-3552
2014-07-29 10:00:00
cve
cve
CVE-2014-3552
2014-07-29 11:10:32
nvd
nvd
CVE-2014-3552
2014-07-29 11:10:32
nessus
nessus
Fedora 20 : moodle-2.5.7-1.fc20 (2014-8601)
2014-07-31 00:00:00
Fedora 19 : moodle-2.4.11-1.fc19 (2014-8609)
2014-07-31 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2014-10802
2014-10-01 00:00:00
Fedora Update for moodle FEDORA-2014-15102
2014-11-26 00:00:00
Fedora Update for moodle FEDORA-2014-8601
2014-08-05 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: moodle-2.5.9-1.fc20
2014-11-25 15:30:01
[SECURITY] Fedora 20 Update: moodle-2.5.7-1.fc20
2014-07-30 07:03:13
[SECURITY] Fedora 20 Update: moodle-2.5.8-1.fc20
2014-09-25 10:46:26