CVE-2014-0090

Опубликовано: 24 мар. 2014

Источник: redhat

CVSS2: 3.6

Описание

Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie.

Отчет

The Red Hat Security Response Team has rated this issue as having Low security impact in Red Hat Enterprise Linux OpenStack Platform 3 and 4. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 3	ruby193-foreman	Will not fix
Red Hat OpenStack Platform 4	foreman	Will not fix
Red Hat Satellite 6.0	foreman	Fixed	RHEA-2014:1175	10.09.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-384

https://bugzilla.redhat.com/show_bug.cgi?id=1072151Foreman: Session fixation

3.6 Low

CVSS2

Связанные уязвимости

CVE-2014-0090

nvd

больше 11 лет назад

Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie.

CVE-2014-0090

debian

больше 11 лет назад

Session fixation vulnerability in Foreman before 1.4.2 allows remote a ...

GHSA-5f2c-vhf8-frf8

github

больше 3 лет назад

Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie.

3.6 Low

CVSS2