Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-384

CWE-384

Session Fixation

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

404 vulnerabilities with CWE-384

CVE-2019-13517 HIGH

Pyxis ES <1.6.1 - Privilege Escalation

CVE-2019-12258 HIGH

URGENT/11 Scanner, Based on Detection Tool by Armis

CVE-2019-5406 HIGH

HPE 3PAR StoreServ Management Console < 3.5.0.1 - Remote Session Reuse

CVE-2019-5400 MEDIUM

HPE 3PAR Service Processor <5.0.5.1 - SSRF

CVE-2019-10371 HIGH

Jenkins Gitlab Auth Plugin <1.4 - Privilege Escalation

CVE-2019-7849 HIGH

Magento <1.9.4.2, <1.14.4.2, <2.1.18, <2.2.9, <2.3.2 - Info Disclosure

CVE-2019-4439 MEDIUM

IBM Cloud Private <3.1.2 - Privilege Escalation

CVE-2019-10120 HIGH

eQ-3 HomeMatic CCU2/CCU3 <2.41.8/<3.43.16 - Auth Bypass

CVE-2019-4152 MEDIUM

IBM Security Access Manager <9.0.7 - Info Disclosure

CVE-2019-6584 HIGH

SIEMENS LOGO!8 - Privilege Escalation

CVE-2019-10045 MEDIUM

Pydio < 8.2.2 - Session Fixation via Session Cookie Disclosure

CVE-2019-1807 HIGH

Cisco Umbrella Dashboard - Privilege Escalation

CVE-2019-10008 HIGH

Zoho ManageEngine ServiceDesk 9.3 - Privilege Escalation

CVE-2019-11213 HIGH

Pulse Secure <5.3R7, <9.0R3 - Privilege Escalation

CVE-2019-5523 CRITICAL

VMware vCloud Director for Service Providers <9.5.0.3 - RCE

CVE-2019-9744 HIGH

PHOENIX CONTACT FL NAT SMCS/SMN - Auth Bypass

CVE-2019-3784 HIGH

Cloud Foundry Stratos <2.3.0 - Privilege Escalation

CVE-2019-3783 HIGH

Cloud Foundry Stratos <2.3.0 - Privilege Escalation

CVE-2019-0102 HIGH

Intel(R) Data Center Manager SDK <5.0.2 - Privilege Escalation

CVE-2019-7747 CRITICAL

DbNinja 3.2.7 - Session Fixation via data.php sessid Parameter

CVE-2019-1003019 MEDIUM

Jenkins GitHub Auth Plug <0.29 - Privilege Escalation

CVE-2019-7350 HIGH

ZoneMinder <1.32.3 - Session Fixation

CVE-2018-16495 HIGH

Versa Operating System < 16.1r2s11 - Session Fixation via Pre-Authentication Token

CVE-2018-15208 HIGH

BPC SmartVista 2 - Session Fixation via JSESSIONID Parameter

CVE-2018-1626 LOW

IBM Security Privileged Identity Manager Virtual Appliance <2.2.1 -...

Previous Page 12 of 17 Next

Details

Vulnerabilities 404

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy