CVSS4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
ACTIVE
CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:L/SC:N/VI:H/SI:N/VA:N/SA:N
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
A session fixation vulnerability in Bludit allows an attacker to bypass the server’s authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing.
[
{
"repo": "https://github.com/bludit/bludit/",
"vendor": "Bludit",
"product": "Bludit",
"versions": [
{
"status": "affected",
"version": "0"
}
],
"platforms": [
"Linux",
"Windows",
"MacOS"
],
"packageName": "Bludit",
"collectionURL": "https://www.bludit.com/",
"defaultStatus": "unaffected"
}
]
[
{
"cpes": [
"cpe:2.3:a:bludit:bludit:*:*:*:*:*:*:*:*"
],
"vendor": "bludit",
"product": "bludit",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.15.0"
}
],
"defaultStatus": "unknown"
}
]