
CWE-384 Session Fixation: vulnerability list (150)

Summary of the 150 CVE entries classified under the CWE-384 Session Fixation weakness, with AI-generated Chinese analysis.

CWE-384 Session Fixation is an authentication weakness: the application keeps using the session identifier that existed before the user authenticated instead of destroying it, so an attacker who planted that identifier can hijack the now-authenticated session. In the usual attack the adversary induces the victim to log in with a session ID under the attacker's control, then reuses that same ID to act with the victim's privileges. Developers avoid the problem by forcing a new session identifier to be generated after every successful authentication or privilege change and by completely destroying the old session, so that session state is strictly bound to the authenticated identity.

MITRE CWE official description
CWE-384 Session Fixation: authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

Such a scenario is commonly observed when:
1. A web application authenticates a user without first invalidating the existing session, thereby continuing to use the session already associated with the user.
2. An attacker is able to force a known session identifier on a user so that, once the user authenticates, the attacker has access to the authenticated session.
3. The application or container uses predictable session identifiers.

In the generic exploit of session fixation vulnerabilities, an attacker creates a new session on a web application and records the associated session identifier. The attacker then causes the victim to associate, and possibly authenticate, against the server using that session identifier, giving the attacker access to the user's account through the active session.
Common consequences (1)
Access Control: Gain Privileges or Assume Identity
Mitigations (3)
Architecture and Design: Invalidate any existing session identifiers prior to authorizing a new user session.
Architecture and Design: For platforms such as ASP that do not generate new values for sessionid cookies, utilize a secondary cookie. In this approach, set a secondary cookie on the user's browser to a random value and set a session variable to the same value. If the session variable and the cookie value ever don't match, invalidate the session and force the user to log on again.
Operation: Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481]. Effectiveness: Moderate
Code examples (2)
The following example shows a snippet of code from a J2EE web application where the application authenticates users with LoginContext.login() without first calling HttpSession.invalidate().

Bad · Java
```java
private void auth(LoginContext lc, HttpSession session) throws LoginException {
    ...
    // session.invalidate() is never called, so the session ID that existed
    // before login (possibly planted by an attacker) survives authentication.
    lc.login();
    ...
}
```

The following example shows a snippet of code from a J2EE web application where the application authenticates users with a direct post to j_security_check, which typically does not invalidate the existing session before processing the login request.

Bad · HTML
```html
<form method="POST" action="j_security_check">
  <input type="text" name="j_username">
  <input type="text" name="j_password">
</form>
```
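The exploit flow from the MITRE description and the first two mitigations (invalidate the pre-login session, or bind the session to a secondary random cookie) as one runnable demo. This is an added example, not code from this page, from MITRE or from any product in the list below; the in-memory SessionStore, the login_vulnerable / login_rotating / login_secondary_cookie functions, the constructed "alice" credential and the attacker_fixation_attempt helper are all assumptions made for the demo.

```python
"""Session fixation (CWE-384): a vulnerable login beside the two MITRE mitigations.

Added demo. All names (SessionStore, login_*, authenticated_user,
attacker_fixation_attempt) and the credential table are constructed for it.
"""
from __future__ import annotations

import secrets
from dataclasses import dataclass, field


@dataclass
class Session:
    user: str | None = None                   # None until authenticated
    data: dict = field(default_factory=dict)  # pre-login state, binding cookie, ...


class SessionStore:
    """Server-side session table keyed by the session ID carried in the cookie."""

    def __init__(self) -> None:
        self._sessions: dict[str, Session] = {}

    def create(self) -> str:
        sid = secrets.token_urlsafe(32)  # unpredictable; predictability is another CWE-384 case
        self._sessions[sid] = Session()
        return sid

    def get(self, sid: str) -> Session | None:
        return self._sessions.get(sid)

    def invalidate(self, sid: str) -> None:
        self._sessions.pop(sid, None)


def check_password(username: str, password: str) -> bool:
    """Constructed credential check; a real application compares a password hash."""
    return (username, password) == ("alice", "correct horse")


def login_vulnerable(store: SessionStore, sid: str, username: str, password: str) -> str:
    """CWE-384: authenticate the presented session and keep its ID, like the page's
    Java example that calls lc.login() without HttpSession.invalidate()."""
    if not check_password(username, password):
        raise PermissionError("bad credentials")
    sess = store.get(sid)
    if sess is None:                          # unknown ID: fall back to a fresh session
        sid = store.create()
        sess = store.get(sid)
    sess.user = username
    return sid                                # unchanged, attacker-known value


def login_rotating(store: SessionStore, sid: str, username: str, password: str) -> str:
    """Mitigation 1: invalidate the presented session and issue a new ID on success,
    carrying over only harmless pre-login state."""
    if not check_password(username, password):
        raise PermissionError("bad credentials")
    old = store.get(sid)
    carried = dict(old.data) if old else {}
    store.invalidate(sid)                     # the planted ID is dead from here on
    new_sid = store.create()
    new = store.get(new_sid)
    new.user, new.data = username, carried
    return new_sid


def login_secondary_cookie(store: SessionStore, sid: str, username: str,
                           password: str) -> tuple[str, str]:
    """Mitigation 2 (platforms that cannot rotate the ID): keep the session ID but set a
    second random cookie at login and store the same value in the session.
    Returns (session_id, binding_cookie); only the browser that logged in holds both."""
    if not check_password(username, password):
        raise PermissionError("bad credentials")
    sess = store.get(sid)
    if sess is None:
        sid = store.create()
        sess = store.get(sid)
    binding = secrets.token_urlsafe(32)
    sess.user = username
    sess.data["binding"] = binding
    return sid, binding


def authenticated_user(store: SessionStore, sid: str, binding: str | None = None) -> str | None:
    """Resolve a request to a user. A session that carries a binding value is invalidated
    (forcing re-login) when the request's secondary cookie does not match it."""
    sess = store.get(sid)
    if sess is None or sess.user is None:
        return None
    expected = sess.data.get("binding")
    if expected is not None and not secrets.compare_digest(expected, binding or ""):
        store.invalidate(sid)
        return None
    return sess.user


def attacker_fixation_attempt(login_fn) -> str | None:
    """Generic exploit from the CWE text: attacker obtains a session ID, forces the victim's
    browser to use it, the victim authenticates, the attacker replays the same ID.
    Returns the user the attacker can act as, or None if the attack failed."""
    store = SessionStore()
    planted = store.create()                               # attacker's pre-auth session
    login_fn(store, planted, "alice", "correct horse")     # victim logs in with the planted ID
    return authenticated_user(store, planted)              # attacker holds no binding cookie


def victim_after_login(login_fn) -> str | None:
    """Check that the legitimate user remains logged in under each variant."""
    store = SessionStore()
    result = login_fn(store, store.create(), "alice", "correct horse")
    sid, binding = result if isinstance(result, tuple) else (result, None)
    return authenticated_user(store, sid, binding)


if __name__ == "__main__":
    for fn in (login_vulnerable, login_rotating, login_secondary_cookie):
        print(f"{fn.__name__:23} attacker acts as {attacker_fixation_attempt(fn)!s:6} "
              f"victim still logged in: {victim_after_login(fn)}")
```

Running the block shows the vulnerable login letting the attacker act as alice while both hardened variants return None, with the legitimate user still logged in every time. The secondary-cookie variant only holds if the binding cookie gets the same protections as the session cookie (HttpOnly, Secure) and never appears in URLs, since an attacker who can read it is back to the vulnerable case.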
CVE ID | Title | Affected product | CVSS | Risk level | Published
CVE-2024-45368 | AutomationDirect DirectLogic H2-DM1E authorization issue vulnerability | DirectLogic H2-DM1E | 8.8 | High | 2024-09-13
CVE-2024-42345 | Siemens SINEMA Remote Connect Server authorization issue vulnerability | SINEMA Remote Connect Server | 4.3 | Medium | 2024-09-10
CVE-2024-7341 | Red Hat Keycloak authorization issue vulnerability | - | 7.1 | High | 2024-09-09
CVE-2023-38018 | IBM Aspera Shares authorization issue vulnerability | Aspera Shares | 6.3 | Medium | 2024-08-09
CVE-2024-38513 | Fiber security vulnerability | fiber | 10.0 | Critical | 2024-07-01
CVE-2024-24552 | Bludit security vulnerability | Bludit | 8.8 (AI) | High (AI) | 2024-06-24
CVE-2024-25977 | HAWKI cross-site scripting vulnerability | HAWKI | 8.3 (AI) | High (AI) | 2024-05-29
CVE-2023-38002 | IBM Storage Scale security vulnerability | Storage Scale | 5.0 | Medium | 2024-04-30
CVE-2024-2260 | ZenML authorization issue vulnerability | zenml-io/zenml | 8.8 | - | 2024-04-16
CVE-2024-31221 | Sunshine security vulnerability | Sunshine | 5.9 | Medium | 2024-04-08
CVE-2024-2639 | Inventory Management System authorization issue vulnerability | Wholesale Inventory Management System | 4.3 | Medium | 2024-03-19
CVE-2024-22250 | VMware Enhanced Authentication Plug-in security vulnerability | VMware Enhanced Authentication Plug-in (EAP) | 7.8 | High | 2024-02-20
CVE-2023-47798 | Liferay Portal and Liferay DXP security vulnerability | Portal | 5.4 | Medium | 2024-02-08
CVE-2024-24823 | Graylog authorization issue vulnerability | graylog2-server | 5.7 | Medium | 2024-02-07
CVE-2023-50941 | IBM PowerSC authorization issue vulnerability | PowerSC | 6.3 | Medium | 2024-02-02
CVE-2024-23679 | Enonic XP authorization issue vulnerability | - | 9.8 | - | 2024-01-19
CVE-2024-0351 | Engineers Online Portal authorization issue vulnerability | Engineers Online Portal | 3.1 | Low | 2024-01-09
CVE-2023-6913 | Imou Life authorization issue vulnerability | Imou Life app | 8.1 | High | 2023-12-19
CVE-2023-49804 | Uptime Kuma authorization issue vulnerability | uptime-kuma | 6.7 | Medium | 2023-12-11
CVE-2023-46733 | Symfony security vulnerability | symfony | 6.5 | Medium | 2023-11-10
CVE-2023-5309 | Puppet Enterprise authorization issue vulnerability | Puppet Enterprise | 6.8 | Medium | 2023-11-07
CVE-2023-0897 | Sielco PolyEco1000 authorization issue vulnerability | PolyEco1000 | 8.8 | High | 2023-10-26
CVE-2023-45687 | South River Technologies Titan MFT and Titan SFTP authorization issue vulnerability | Titan MFT | 8.1 | - | 2023-10-16
CVE-2023-44400 | Uptime Kuma authorization issue vulnerability | uptime-kuma | 6.7 | Medium | 2023-10-09
CVE-2022-3916 | Red Hat Keycloak code issue vulnerability | Red Hat Single Sign-On 7 | 6.8 | Medium | 2023-09-20
CVE-2023-3711 | Honeywell Products authorization issue vulnerability | PM23/43 | 6.4 | Medium | 2023-09-12
CVE-2023-4649 | iCMS authorization issue vulnerability | instantsoft/icms2 | 7.6 | - | 2023-08-31
CVE-2023-40273 | Apache Airflow authorization issue vulnerability | Apache Airflow | 8.8 | - | 2023-08-23
CVE-2023-24477 | Nozomi Networks Guardian authorization issue vulnerability | Guardian | 7.0 | High | 2023-08-09
CVE-2023-3394 | fossbilling authorization issue vulnerability | fossbilling/fossbilling | 7.6 | - | 2023-06-23

CWE-384 (Session Fixation) is a common weakness category; this platform has indexed 150 CVE entries associated with it.