CVE-2016-9125 Information

Description

Revive Adserver before 3.2.3 suffers from session fixation by allowing arbitrary session identifiers to be forced and at the same time by not invalidating the existing session upon a successful authentication. Under some circumstances that could have been an opportunity for an attacker to steal an authenticated session.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/revive-adserver/revive-adserver/commit/4910365631eabbb208961c36149f41cc8159fb39 https://hackerone.com/reports/93809 https://hackerone.com/reports/93813 https://www.revive-adserver.com/security/revive-sa-2016-001/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8