exploitDog

GHSA-3q3r-9fqq-hxcm

Опубликовано: 08 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information.

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information.

Ссылки

EPSS

Процентиль: 22%

0.00072

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-384

Связанные уязвимости

CVE-2023-48929

CVSS3: 9.8

nvd

около 2 лет назад

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information.

EPSS

Процентиль: 22%

0.00072

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-384