Vulnerabilities > Session Fixation

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2018-0229 Session Fixation vulnerability in Cisco products
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software.
network
low complexity
cisco CWE-384
6.5
2018-04-13 CVE-2018-6959 Session Fixation vulnerability in VMware vRealize Automation
VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session IDs.
network
low complexity
vmware CWE-384
critical
9.8
2018-04-11 CVE-2017-18125 Session Fixation vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers.
network
low complexity
qualcomm CWE-384
7.5
2018-04-10 CVE-2018-2409 Session Fixation vulnerability in SAP Cloud Platform 2.0
Improper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud Connector).
network
low complexity
sap CWE-384
8.8
2018-04-10 CVE-2018-2408 Session Fixation vulnerability in SAP BusinessObjects
Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad.
network
low complexity
sap CWE-384
7.3
2018-03-06 CVE-2018-5465 Session Fixation vulnerability in Belden products
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches.
network
low complexity
belden CWE-384
8.8
2017-12-20 CVE-2017-1270 Session Fixation vulnerability in IBM Security Guardium
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability.
local
low complexity
ibm CWE-384
3.3
2017-12-19 CVE-2017-11562 Session Fixation vulnerability in MT4 SenhaSegura 2.2.23.8
A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8 via login_if.php.
network
low complexity
mt4 CWE-384
8.8
2017-11-17 CVE-2017-10890 Session Fixation vulnerability in Sharp products
Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors.
low complexity
sharp CWE-384
4.6
2017-11-03 CVE-2017-1000150 Session Fixation vulnerability in Mahara
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 have a vulnerability that prevents session IDs from being regenerated on login or logout.
network
low complexity
mahara CWE-384
8.8