PT-2020-10197 · Halvotec · Halvotec Raquest
Published
2020-03-16
·
Updated
2020-06-25
·
CVE-2019-19610
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Halvotec RaQuest versions prior to 24.2020.20608.0
Description
An issue was discovered that allows session fixation. The vendor does not recognize this issue and will not patch it.
Recommendations
For versions prior to 24.2020.20608.0, consider updating to Release 24.2020.20608.0 to resolve the issue. As a temporary workaround, consider implementing additional session validation mechanisms to minimize the risk of session fixation.
Fix
Session Fixation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Halvotec Raquest