CVE-2018-9026

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially…

ca·CWE-384·Published 2018-06-18

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

150 chars

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.

NVDen

150 chars

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.

NVDes

201 chars

Una vulnerabilidad de fijación de sesión en las versiones 2.x de CA Privileged Access Manager permite que los atacantes remotos secuestren sesiones de usuario con una petición especialmente manipulada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N