CVE-2024-28144 - Apache Session Hijacking
CVE ID : CVE-2024-28144 Published : Dec. 12, 2024, 2:15 p.m. | 2 hours, 44 minutes ago Description : An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-28144
Published : Dec. 12, 2024, 2:15 p.m. | 2 hours, 44 minutes ago
Description : An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Dec. 12, 2024, 2:15 p.m. | 2 hours, 44 minutes ago
Description : An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
