Логотип exploitDog
bind:CVE-2016-9125
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2016-9125

Количество 2

Количество 2

nvd логотип

CVE-2016-9125

больше 8 лет назад

Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session.

CVSS3: 9.8
EPSS: Низкий
github логотип

GHSA-22mq-h6q3-chp7

около 3 лет назад

Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session.

CVSS3: 9.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2016-9125

Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session.

CVSS3: 9.8
1%
Низкий
больше 8 лет назад
github логотип
GHSA-22mq-h6q3-chp7

Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session.

CVSS3: 9.8
1%
Низкий
около 3 лет назад

Уязвимостей на страницу