CVE-2021-44151

Name of the Vulnerable Software and Affected Versions: Reprise RLM version 14.2

Description: An issue was discovered in Reprise RLM where session cookies are small, allowing an attacker to hijack existing sessions by bruteforcing the 4 hex-character session cookie on the Windows version. The Linux version appears to have 8 characters. An attacker can obtain the static part of the cookie by making a request to any page on the application, such as "/goforms/menu", and saving the name of the cookie sent with the response. The attacker can then use the name of the cookie and try to request the same page, setting a random value for the cookie. If any user has an active session, the page should return with authorized content when a valid cookie value is hit.

Recommendations: As a temporary workaround, consider implementing additional security measures to protect against session hijacking, such as monitoring for unusual activity and limiting access to sensitive pages. To resolve the issue, update Reprise RLM to a version where this issue is fixed, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.