Vulnerabilities > CVE-2023-6519
Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. M?A-MED allows Read Sensitive Strings Within an Executable.This issue affects M?A-MED: before 1.0.7.
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
- Reusing Session IDs (aka Session Replay) This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used previously during a transaction to perform spoofing and session hijacking. Another name for this type of attack is Session Replay.