CVE-2021-25992

Name of the Vulnerable Software and Affected Versions Ifme versions 1.0.0 to 7.33.2

Description The issue arises from improper session invalidation after a user logs out, allowing an attacker to reuse admin cookies through local or network access, or other potential attacks.

Recommendations For versions 1.0.0 to 7.33.2, consider disabling the session management feature until a proper fix is implemented to prevent session reuse. Restrict access to admin cookies to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.