CVE-2024-24823 | Graylog2 Server up to 5.1.10/5.2.3 /api/system/sessions session fixiation (GHSA-3xf8-g8gr-g7rh)

Posted by Angelo Barbosa | Feb 7, 2024 | CVE

A vulnerability classified as problematic has been found in Graylog2 Server up to 5.1.10/5.2.3. Affected is an unknown function of the file /api/system/sessions. The manipulation leads to session fixiation.

This vulnerability is traded as CVE-2024-24823. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24823 | Graylog2 Server up to 5.1.10/5.2.3 /api/system/sessions session fixiation (GHSA-3xf8-g8gr-g7rh)

Related Posts

CVE-2024-35879 | Linux Kernel up to 6.8.4 of_changeset_destroy memory leak

CVE-2024-26662 | Linux Kernel up to 6.6.16/6.7.4 Display dcn21_set_backlight_level null pointer dereference (2e150ccea131/0c863cab0e91/e96fddb32931)

CVE-2024-4576 | Tibco EBX up to 9.25 path traversal

CVE-2023-39206: Zoom Client buffer overflow