Session Fixation Vulnerability in OpenStack Dashboard by OpenStack
CVE-2012-2144

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
5 June 2012

Summary

A session fixation vulnerability exists in OpenStack Dashboard (Horizon) versions folsom-1 and 2012.1, allowing remote attackers to hijack user web sessions. This vulnerability is exploited through manipulation of the sessionid cookie, compromising session integrity and security, ultimately putting sensitive user data at risk. It is crucial for users and administrators to implement proper session management protocols to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.