Vulnerabilities > Session Fixation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-11 | CVE-2022-40226 | Session Fixation vulnerability in Siemens products A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). | 8.1 |
| 2022-10-10 | CVE-2022-34334 | Session Fixation vulnerability in IBM Sterling Partner Engagement Manager 2.0/6.1 IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 6.5 |
| 2022-09-23 | CVE-2022-40630 | Session Fixation vulnerability in Tacitine products This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 between 19.1.1 to 22.20.1 (inclusive), due to improper session management in the Tacitine Firewall web-based management interface. | 9.8 |
| 2022-09-05 | CVE-2022-38369 | Session Fixation vulnerability in Apache Iotdb 0.13.0 Apache IoTDB version 0.13.0 is vulnerable by session id attack. | 8.8 |
| 2022-09-02 | CVE-2022-38054 | Session Fixation vulnerability in Apache Airflow In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. | 9.8 |
| 2022-08-25 | CVE-2022-31798 | Session Fixation vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. | 6.1 |
| 2022-08-10 | CVE-2022-33927 | Session Fixation vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. | 6.5 |
| 2022-07-19 | CVE-2022-34536 | Session Fixation vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token. | 7.5 |
| 2022-07-01 | CVE-2022-25896 | Session Fixation vulnerability in Passport Project Passport This affects the package passport before 0.6.0. | 4.8 |
| 2022-06-28 | CVE-2022-24444 | Session Fixation vulnerability in Silverstripe Silverstripe silverstripe/framework through 4.10 allows Session Fixation. | 6.5 |