Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-384

CWE-384

Session Fixation

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

392 vulnerabilities with CWE-384

CVE-2023-52268 CRITICAL

FreeScout End-User Portal <1.0.65 - Auth Bypass

CVE-2023-50176 HIGH

Fortinet FortiOS <7.4.3, <7.2.7, <7.0.13 - RCE

CVE-2023-38018 MEDIUM

IBM Aspera Shares 1.10.0 PL2 - Privilege Escalation

CVE-2023-30307 MEDIUM

CVE-2023-38002 MEDIUM

IBM Storage Scale <5.1.9.2 - Privilege Escalation

CVE-2023-50270 MEDIUM

Apache Dolphinscheduler < 3.2.1 - Insufficient Session Expiration

CVE-2023-45718 LOW

Sametime - Info Disclosure

CVE-2023-47798 MEDIUM

Liferay Portal/DXP <7.3.0 - Privilege Escalation

CVE-2023-50941 MEDIUM

IBM PowerSC <2.2 - Privilege Escalation

CVE-2023-52353 HIGH

Mbed TLS <3.5.1 - Info Disclosure

CVE-2023-50920 MEDIUM

GL.iNet <4.5.0 - Privilege Escalation

CVE-2023-6913 HIGH

Imou Life <6.7.0 - CSRF

CVE-2023-49804 MEDIUM

Uptime Kuma <1.23.9 - Info Disclosure

CVE-2023-48929 CRITICAL

Franklin Fueling Systems SSA <1.6.24.492 - Privilege Escalation

CVE-2023-46733 MEDIUM

Symfony <5.4.31 & <6.3.8 - Info Disclosure

CVE-2023-5309 MEDIUM

Puppet Enterprise <2021.7.6,2023.5 - Privilege Escalation

CVE-2023-0897 HIGH

Sielco PolyEco1000 - Info Disclosure

CVE-2023-45687 HIGH

South River Technologies - Privilege Escalation

CVE-2023-44400 MEDIUM

Uptime Kuma <1.23.3 - Privilege Escalation

CVE-2023-42322 CRITICAL

icmsdev iCMS 7.0.16 - Info Disclosure

CVE-2023-3711 MEDIUM

Honeywell PM43 <P10.19.050004 - Session Fixation

CVE-2023-41012 CRITICAL

China Mobile Intelligent Home Gateway v.HG6543C4 - RCE

CVE-2023-4649 MEDIUM

instantsoft/icms2 <2.16.1 - Info Disclosure

CVE-2023-40273 HIGH

Airflow - Session Fixation

CVE-2023-24477 HIGH

Guardian/CMC <22.6.2 - Privilege Escalation

Previous Page 5 of 16 Next

Details

Vulnerabilities 392

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy