Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-384

CWE-384

Session Fixation

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

392 vulnerabilities with CWE-384

CVE-2021-39290 CRITICAL

NetModule <4.3.0.113-4.5.0.105 - Limited Session Fixation

CVE-2021-22927 HIGH

Citrix ADC/Gateway <13.0-82.45 - Session Fixation

CVE-2021-2351 HIGH

Oracle Database Server <19c - Info Disclosure

CVE-2021-32710 MEDIUM

Shopware <6.3.5.2 - Info Disclosure

CVE-2021-35046 MEDIUM

Ice Hrm 29.0.0 - Info Disclosure

CVE-2021-32676 MEDIUM

Nextcloud Talk <9.0.10, 10.0.8, 11.2.2 - Info Disclosure

CVE-2021-33394 MEDIUM

Cubecart 6.4.2 - Session Fixation

CVE-2020-36913 MEDIUM

All-Dynamics Software enlogic:show 2.0.2 - CSRF

CVE-2020-15679 HIGH

Mozilla VPN <1.2.2 - Session Fixation

CVE-2020-25152 MEDIUM

B. Braun Melsungen AG - Session Fixation

CVE-2020-35229 HIGH

NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 - Privilege Escalation

CVE-2020-35591 MEDIUM

Pi-hole 5.0-5.1.1 - Session Fixation

CVE-2020-4954 MEDIUM

IBM Spectrum Protect Operations Center <8.1 - Auth Bypass

CVE-2020-5021 MEDIUM

IBM Spectrum Protect Plus <10.1.7 - Privilege Escalation

CVE-2020-25198 HIGH

MOXA NPort IAW5000A-I/O <2.1 - Session Fixation

CVE-2020-4555 MEDIUM

IBM Financial Transaction Manager <3.1.0 - Privilege Escalation

CVE-2020-5645 HIGH

GT14 GOT 1000 series - Info Disclosure

CVE-2020-5654 HIGH

MELSEC iQ-R - Session Fixation

CVE-2020-15909 HIGH

SolarWinds N-central <2020.1 - Session Hijacking

CVE-2020-10714 HIGH

WildFly Elytron <1.11.3.Final - Privilege Escalation

CVE-2020-6302 HIGH

SAP Commerce <2005 - Session Fixation

CVE-2020-4243 LOW

IBM Security Identity Governance and Intelligence <5.2.6 - Info Dis...

CVE-2020-4527 MEDIUM

IBM Planning Analytics 2.0 - Info Disclosure

CVE-2020-6290 MEDIUM

SAP Disclosure Mgmt <10.1 - Session Fixation

CVE-2020-5596 HIGH

Mitsubishi Electric GOT2000 - DoS

Previous Page 9 of 16 Next

Details

Vulnerabilities 392

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy