Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4718
cve-2011-4718
session fixation
php
vulnerability
web sessions
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.8%
Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.
Affected configurations
Node
phpphpRange≤5.5.1
ORphpphpMatch5.0.0
ORphpphpMatch5.0.0beta1
ORphpphpMatch5.0.0beta2
ORphpphpMatch5.0.0beta3
ORphpphpMatch5.0.0beta4
ORphpphpMatch5.0.0rc1
ORphpphpMatch5.0.0rc2
ORphpphpMatch5.0.0rc3
ORphpphpMatch5.0.1
ORphpphpMatch5.0.2
ORphpphpMatch5.0.3
ORphpphpMatch5.0.4
ORphpphpMatch5.0.5
ORphpphpMatch5.1.0
ORphpphpMatch5.1.1
ORphpphpMatch5.1.2
ORphpphpMatch5.1.3
ORphpphpMatch5.1.4
ORphpphpMatch5.1.5
ORphpphpMatch5.1.6
ORphpphpMatch5.2.0
ORphpphpMatch5.2.1
ORphpphpMatch5.2.2
ORphpphpMatch5.2.3
ORphpphpMatch5.2.4
ORphpphpMatch5.2.5
ORphpphpMatch5.2.6
ORphpphpMatch5.2.7
ORphpphpMatch5.2.8
ORphpphpMatch5.2.9
ORphpphpMatch5.2.10
ORphpphpMatch5.2.11
ORphpphpMatch5.2.12
ORphpphpMatch5.2.13
ORphpphpMatch5.2.14
ORphpphpMatch5.2.15
ORphpphpMatch5.2.16
ORphpphpMatch5.2.17
ORphpphpMatch5.3.0
ORphpphpMatch5.3.1
ORphpphpMatch5.3.2
ORphpphpMatch5.3.3
ORphpphpMatch5.3.4
ORphpphpMatch5.3.5
ORphpphpMatch5.3.6
ORphpphpMatch5.3.7
ORphpphpMatch5.3.8
ORphpphpMatch5.3.9
ORphpphpMatch5.3.10
ORphpphpMatch5.3.11
ORphpphpMatch5.3.12
ORphpphpMatch5.3.13
ORphpphpMatch5.3.14
ORphpphpMatch5.3.15
ORphpphpMatch5.3.16
ORphpphpMatch5.3.17
ORphpphpMatch5.3.18
ORphpphpMatch5.3.19
ORphpphpMatch5.3.20
ORphpphpMatch5.3.21
ORphpphpMatch5.3.22
ORphpphpMatch5.3.23
ORphpphpMatch5.3.24
ORphpphpMatch5.3.25
ORphpphpMatch5.3.26
ORphpphpMatch5.3.27
ORphpphpMatch5.4.0
ORphpphpMatch5.4.1
ORphpphpMatch5.4.2
ORphpphpMatch5.4.3
ORphpphpMatch5.4.4
ORphpphpMatch5.4.5
ORphpphpMatch5.4.6
ORphpphpMatch5.4.7
ORphpphpMatch5.4.8
ORphpphpMatch5.4.9
ORphpphpMatch5.4.10
ORphpphpMatch5.4.11
ORphpphpMatch5.4.12
ORphpphpMatch5.4.12rc1
ORphpphpMatch5.4.12rc2
ORphpphpMatch5.4.13
ORphpphpMatch5.4.13rc1
ORphpphpMatch5.4.14
ORphpphpMatch5.4.14rc1
ORphpphpMatch5.4.15rc1
ORphpphpMatch5.4.16rc1
ORphpphpMatch5.5.0alpha1
ORphpphpMatch5.5.0alpha2
ORphpphpMatch5.5.0alpha3
ORphpphpMatch5.5.0alpha4
ORphpphpMatch5.5.0alpha5
ORphpphpMatch5.5.0alpha6
ORphpphpMatch5.5.0beta1
ORphpphpMatch5.5.0beta2
ORphpphpMatch5.5.0beta3
ORphpphpMatch5.5.0beta4
ORphpphpMatch5.5.0rc1
ORphpphpMatch5.5.0rc2
Related
nvd
nvd
CVE-2011-4718
2013-08-13 15:04:18
f5
f5
SOL14930 - PHP vulnerability CVE-2011-4718
2014-01-16 00:00:00
K14930 : PHP vulnerability CVE-2011-4718
2014-01-17 00:00:00
openvas
openvas
PHP Sessions Subsystem Session Fixation Vulnerability (Aug 2013)
2013-08-19 00:00:00
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2546)
2020-01-23 00:00:00
Fedora Update for php FEDORA-2013-14998
2013-08-27 00:00:00
prion
prion
Session fixation
2013-08-13 15:04:00
ubuntucve
ubuntucve
CVE-2011-4718
2013-08-13 00:00:00
cvelist
cvelist
CVE-2011-4718
2022-10-03 16:15:13
nessus
nessus
PHP 5.5.x < 5.5.3 Multiple Vulnerabilities
2013-08-21 00:00:00
PHP 5.5.x < 5.5.2 Multiple Vulnerabilities
2013-08-21 00:00:00
Fedora 19 : php-5.5.3-1.fc19 (2013-14998)
2013-08-25 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: php-5.5.3-1.fc19
2013-08-24 00:05:41
[SECURITY] Fedora 19 Update: php-5.5.7-1.fc19
2013-12-13 05:03:19
[SECURITY] Fedora 19 Update: php-5.5.12-1.fc19
2014-05-12 05:25:38
amazon
amazon
Medium: php54
2013-09-19 15:28:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.8%
Related for CVE-2011-4718