CVE-2019-10158
Description
A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.509
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-10158 are fixed in Infinispan--core 9.4.15 | Windows |
| Multiple Vulnerabilities are affected in Red Hat JBoss Data Grid 7.0.0 | Windows |
| Vulnerabilities CVE-2019-10158 are fixed in Infinispan--core for Linux 9.4.15 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234