First published: Wed Apr 29 2020(Updated: )
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion | =4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for Subrion CMS 4.2.1 is CVE-2020-12467.
The severity of CVE-2020-12467 is medium, with a severity value of 6.5.
Subrion CMS 4.2.1 allows session fixation by accepting an alphanumeric value in a session cookie.
The affected software version of CVE-2020-12467 is Subrion CMS 4.2.1.
There is no specific fix mentioned in the provided reference. It is recommended to follow the best security practices and update to the latest version of Subrion CMS to mitigate the session fixation vulnerability.