CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-565

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-28113 565 2022-04-15 2022-04-25
9.0
None Remote Low ??? Complete Complete Complete
An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie.
2 CVE-2021-46388 565 2022-02-16 2022-03-02
9.0
None Remote Low ??? Complete Complete Complete
** DISPUTED ** WAGO 750-8212 PFC200 G2 2ETH RS Firmware version 03.05.10(17) is affected by a privilege escalation vulnerability. Improper handling of user cookies leads to escalating privileges to administrative account of the router. NOTE: analysis by a security team (on behalf of the vendor) indicates that an attacker could only view data that is already publicly available, could not modify data, and could not obtain other access or interfere with the operation of the device.
3 CVE-2021-41819 565 2022-01-01 2022-05-08
5.0
None Remote Low Not required None Partial None
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
4 CVE-2021-29624 565 CSRF 2021-05-19 2021-05-26
4.3
None Remote Medium Not required None Partial None
fastify-csrf is an open-source plugin helps developers protect their Fastify server against CSRF attacks. Versions of fastify-csrf prior to 3.1.0 have a "double submit" mechanism using cookies with an application deployed across multiple subdomains, e.g. "heroku"-style platform as a service. Version 3.1.0 of the fastify-csrf fixes it. the vulnerability. The user of the module would need to supply a `userInfo` when generating the CSRF token to fully implement the protection on their end. This is needed only for applications hosted on different subdomains.
5 CVE-2021-29012 565 2021-04-02 2021-09-16
7.5
None Remote Low Not required Partial Partial Partial
DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid (temporarily) during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus provides permanent access if stolen.
6 CVE-2021-3818 565 2021-09-27 2021-09-30
5.0
None Remote Low Not required None Partial None
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
7 CVE-2020-26955 565 2020-12-09 2020-12-10
4.3
None Remote Medium Not required None Partial None
When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
8 CVE-2020-7070 565 2020-10-02 2021-12-02
5.0
None Remote Low Not required None Partial None
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.
9 CVE-2020-4749 565 2020-10-20 2020-10-20
4.3
None Remote Medium Not required Partial None None
IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 188518.
10 CVE-2019-17104 565 2019-10-08 2019-10-11
5.0
None Remote Low Not required Partial None None
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.
11 CVE-2019-7266 565 Bypass 2019-07-02 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Linear eMerge 50P/5000P devices allow Authentication Bypass.
12 CVE-2019-4688 565 2020-08-26 2020-08-27
4.3
None Remote Medium Not required Partial None None
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 171825.
13 CVE-2019-4638 565 +Info 2020-01-28 2020-01-30
4.3
None Remote Medium Not required Partial None None
IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 170044.
14 CVE-2019-4330 565 2019-10-29 2019-10-29
4.3
None Remote Medium Not required Partial None None
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210.
15 CVE-2019-4305 565 +Info 2019-09-30 2019-10-09
5.0
None Remote Low Not required Partial None None
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951.
16 CVE-2018-20512 565 2019-01-03 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies.
17 CVE-2018-19224 565 2018-11-12 2020-08-24
5.0
None Remote Low Not required None Partial None
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.
18 CVE-2018-5190 565 2018-04-17 2019-10-03
5.0
None Remote Low Not required Partial None None
PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and pc_login_page.php.
19 CVE-2017-8034 565 2017-07-17 2019-10-03
6.0
None Remote Medium ??? Partial Partial Partial
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. With certain multi-zone UAA configurations, zone administrators are able to escalate their privileges.
20 CVE-2017-7279 565 2017-04-12 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login.
21 CVE-2017-6896 565 2017-03-14 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session cookie value.
22 CVE-2012-5631 565 2019-11-25 2019-12-09
6.8
None Remote Medium Not required Partial Partial Partial
ipa 3.0 does not properly check server identity before sending credential containing cookies
23 CVE-2011-3887 565 Bypass 2011-10-25 2020-05-08
5.0
None Remote Low Not required Partial None None
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.
Total number of vulnerabilities : 23   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.