Multiple Cisco Products CVE-2018-0229 Session Fixation Vulnerability
BID:103939
CVE-2018-229 |Info
Multiple Cisco Products CVE-2018-0229 Session Fixation Vulnerability
| Bugtraq ID: | 103939 |
| Class: | Unknown |
| CVE: |
CVE-2018-0229 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 18 2018 12:00AM |
| Updated: | Apr 18 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Cisco Firepower Threat Defense Software (FTD) 0 Cisco Firepower Threat Defense Software 6.2.3 Cisco Firepower Threat Defense Software 6.2.2 Cisco Firepower Threat Defense Software 6.2.1 Cisco AnyConnect Secure Mobility Client 4.5 Cisco AnyConnect Secure Mobility Client 4.4 Cisco AnyConnect Secure Mobility Client 4.3 Cisco Adaptive Security Appliance Software 9.9 Cisco Adaptive Security Appliance Software 9.8 Cisco Adaptive Security Appliance Software 9.7 |
| Not Vulnerable: |
Cisco AnyConnect Secure Mobility Client 4.6 Cisco Adaptive Security Appliance Software 9.9.2.1 Cisco Adaptive Security Appliance Software 9.8.2.28 Cisco Adaptive Security Appliance Software 9.7.1.24 |
Discussion
Multiple Cisco Products CVE-2018-0229 Session Fixation Vulnerability
Multiple Cisco Products are prone to a session-fixation vulnerability.
An attacker can hijack an arbitrary session and gain unauthorized access to the affected application.
This issue is being tracked by Cisco Bug IDs CSCvg65072 and CSCvh87448.
Multiple Cisco Products are prone to a session-fixation vulnerability.
An attacker can hijack an arbitrary session and gain unauthorized access to the affected application.
This issue is being tracked by Cisco Bug IDs CSCvg65072 and CSCvh87448.
Solution / Fix
Multiple Cisco Products CVE-2018-0229 Session Fixation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Multiple Cisco Products CVE-2018-0229 Session Fixation Vulnerability
References:
References: