CVE-2017-5141

CVE-2017-5141

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invalidating any existing session identifier, which gives the opportunity to steal authenticated sessions (SESSION FIXATION).

Source: CVE-2017-5141

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다