PT-2024-39148 · Valeapp · Valeapp

Havelsan Inc · Published 2024-09-27 · Updated 2024-10-04 · CVE-2024-8643

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: ValeApp versions prior to 2.0.0
Description: The issue is a Session Fixation vulnerability that allows for Brute Force and Session Hijacking. This vulnerability affects the authentication mechanism of the software, potentially allowing unauthorized access to user sessions.
Recommendations: For versions prior to 2.0.0, update to version 2.0.0 or later to resolve the issue. As a temporary workaround, consider implementing additional security measures to protect against brute force attacks and session hijacking, such as restricting access to sensitive areas of the application or implementing rate limiting on login attempts.

Fix

Session Fixation

Weakness Enumeration

Related Identifiers

CVE-2024-8643

Affected Products

Valeapp