CVE-2024-2639

Name of the Vulnerable Software and Affected Versions Bdtask Wholesale Inventory Management System versions up to 20240311

Description A vulnerability was found in the system, affecting an unknown functionality, which leads to session fixiation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations For versions up to 20240311, as a temporary workaround, consider implementing additional security measures to prevent session fixation attacks, such as regenerating session IDs after a successful login. At the moment, there is no information about a newer version that contains a fix for this vulnerability.