Session Fixation Vulnerability in OpenStack Dashboard by OpenStack
CVE-2012-2144

Currently unrated

Key Information:

Vendor: Openstack
Status: Horizon
Vendor: CVE Published:; 5 June 2012

Summary

A session fixation vulnerability exists in OpenStack Dashboard (Horizon) versions folsom-1 and 2012.1, allowing remote attackers to hijack user web sessions. This vulnerability is exploited through manipulation of the sessionid cookie, compromising session integrity and security, ultimately putting sensitive user data at risk. It is crucial for users and administrators to implement proper session management protocols to mitigate this risk.

References

http://secunia.com/advisories/49024

third-party-advisoryx_refsource_SECUNIA

http://www.openwall.com/lists/oss-security/2012/05/05/1

mailing-listx_refsource_MLIST

https://exchange.xforce.ibmcloud.com/vulnerabilities/75423

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 5, 2012
Vulnerability Reserved
Apr 4, 2012