CVE-2019-7280

Name of the Vulnerable Software and Affected Versions Prima Systems FlexAir versions 2.3.38 and prior

Description The issue is related to the session-ID being of an insufficient length, making it vulnerable to brute force exploitation. This could allow a remote attacker to obtain a valid session and bypass authentication.

Recommendations For versions 2.3.38 and prior, update to a version later than 2.3.38 to resolve the issue. As a temporary workaround, consider implementing additional authentication measures to minimize the risk of exploitation.