ReportizFlow
Filtered by vendor
Subscriptions
Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35885 | 1 Mgt-commerce | 1 Cloudpanel | 2024-12-09 | 9.8 Critical |
| CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. | ||||
| CVE-2021-20450 | 2024-12-06 | 4.3 Medium | ||
| IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 196640. | ||||
| CVE-2023-32612 | 1 Wavlink | 2 Wl-wn531ax2, Wl-wn531ax2 Firmware | 2024-11-27 | 7.2 High |
| Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege. | ||||
| CVE-2024-39734 | 1 Ibm | 1 Datacap | 2024-11-21 | 4.3 Medium |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 296001. | ||||
| CVE-2024-28288 | 1 Ruijie | 1 Rg-nbr700gw Firmware | 2024-11-21 | 9.8 Critical |
| Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting the password, resulting in an administrator password reset vulnerability. An attacker can use this vulnerability to log in to the device and disrupt the business of the enterprise. | ||||
| CVE-2024-28233 | 2024-11-21 | 8.1 High | ||
| JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API and user's single-user server. The affected configurations are single-origin JupyterHub deployments and JupyterHub deployments with user-controlled applications running on subdomains or peer subdomains of either the Hub or a single-user server. This vulnerability is fixed in 4.1.0. | ||||
| CVE-2024-22186 | 2024-11-21 | 8.8 High | ||
| The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator. | ||||
| CVE-2024-21872 | 2024-11-21 | 7.5 High | ||
| The device allows an unauthenticated attacker to bypass authentication and modify the cookie to reveal hidden pages that allows more critical operations to the transmitter. | ||||
| CVE-2024-21583 | 2024-11-21 | 4.1 Medium | ||
| Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the _gitpod_io_jwt2_ session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker’s own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session. | ||||
| CVE-2024-1551 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2024-11-21 | 6.1 Medium |
| Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | ||||
| CVE-2024-0947 | 2024-11-21 | 9.8 Critical | ||
| Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb: before v17.0.68. | ||||
| CVE-2023-45141 | 1 Gofiber | 1 Fiber | 2024-11-21 | 8.6 High |
| Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to obtain tokens and forge malicious requests on behalf of a user. This can lead to unauthorized actions being taken on the user's behalf, potentially compromising the security and integrity of the application. The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. This vulnerability has been addressed in version 2.50.0 and users are advised to upgrade. Users should take additional security measures like captchas or Two-Factor Authentication (2FA) and set Session cookies with SameSite=Lax or SameSite=Secure, and the Secure and HttpOnly attributes. | ||||
| CVE-2023-45128 | 1 Gofiber | 1 Fiber | 2024-11-21 | 10 Critical |
| Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform various malicious actions on behalf of an authenticated user, potentially compromising the security and integrity of the application. The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. This issue has been addressed in version 2.50.0 and users are advised to upgrade. Users should take additional security measures like captchas or Two-Factor Authentication (2FA) and set Session cookies with SameSite=Lax or SameSite=Secure, and the Secure and HttpOnly attributes as defense in depth measures. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-41084 | 1 Socomec | 2 Modulys Gp, Modulys Gp Firmware | 2024-11-21 | 10 Critical |
| Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device. | ||||
| CVE-2023-3747 | 1 Cloudflare | 1 Warp | 2024-11-21 | 5.5 Medium |
| Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running. | ||||
| CVE-2023-3050 | 1 Tmtmakine | 2 Lockcell, Lockcell Firmware | 2024-11-21 | 9.8 Critical |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15. | ||||
| CVE-2023-32725 | 1 Zabbix | 2 Frontend, Zabbix Server | 2024-11-21 | 9.6 Critical |
| The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user. | ||||
| CVE-2022-3083 | 1 Landisgyr | 2 E850, E850 Firmware | 2024-11-21 | 3.9 Low |
| All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values. | ||||
| CVE-2022-38297 | 1 Ucms Project | 1 Ucms | 2024-11-21 | 9.8 Critical |
| UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. | ||||
| CVE-2022-36032 | 1 Reactphp | 1 Http | 2024-11-21 | 5.3 Medium |
| ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host-` and `__Secure-` confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. This issue is fixed in ReactPHP HTTP version 1.7.0. As a workaround, Infrastructure or DevOps can place a reverse proxy in front of the ReactPHP HTTP server to filter out any unexpected `Cookie` request headers. | ||||