Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated users and does not regenerate the session identifier after successful authentication. As a result, a session created prior to login becomes authenticated once the victim logs in, allowing an attacker who knows the session ID to hijack an authenticated session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sensorweb ScadaBR 安全漏洞
Vulnerability Description
Sensorweb ScadaBR是Sensorweb公司的一套用于开发自动化数据采集和监控应用程序的开源软件。 Sensorweb ScadaBR 1.12.4版本存在安全漏洞,该漏洞源于会话固定,可能导致会话劫持。
CVSS Information
N/A
Vulnerability Type
N/A