• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-384

CVE-2019-4227

February 26, 2023 by

IBM MQ 8.0.0.4 – 8.0.0.12, 9.0.0.0 – 9.0.0.6, 9.1.0.0 – 9.1.0.2, and 9.1.0 – 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.

CVE-2019-4152

February 26, 2023 by

IBM Security Access Manager 9.0.1 through 9.0.6 does not invalidate session tokens in a timely manner. The lack of proper session expiration may allow attackers with local access to login into a closed browser session. IBM X-Force ID: 158515.

CVE-2019-3784

February 26, 2023 by

Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. When deployed on cloud foundry with multiple instances using the default embedded SQLite database, a remote authenticated malicious user can switch sessions to another user with the same session id.

CVE-2019-19610

February 26, 2023 by

An issue was discovered in Halvotec RaQuest 10.23.10801.0. It allows session fixation. Fixed in Release 24.2020.20608.0.

CVE-2019-18946

February 26, 2023 by

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.

CVE-2019-18573

February 26, 2023 by

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potentially exploit this vulnerability as the session token is exposed as part of the URL. A remote attacker can gain access to victim’s session and perform arbitrary actions with privileges of the user within the compromised session.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 16
  • Go to page 17
  • Go to page 18
  • Go to page 19
  • Go to page 20
  • Interim pages omitted …
  • Go to page 31
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE