CVE-2020-10714
CVSS v3.1
7.5 (High)
CVSS v2.0
5.1 (Medium)
EPSS
0.18 % (56th)
Affected Products
6
Advisories
1
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Weaknesses
- CWE-384
- Session Fixation
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2020-09-23 13:15:15
(4 years ago) - Updated Date
-
2022-11-08 13:58:38
(22 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...