// For flags

CVE-2010-1434

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

Joomla! Core es propenso a una vulnerabilidad de fijación de sesión. Un atacante puede aprovechar este problema para secuestrar una sesión arbitraria y conseguir acceso a información confidencial, que puede ayudar a lanzar futuros ataques. Joomla! Core versiones 1.5.x que van desde la 1.5.0 hasta la 1.5.15 e incluyéndola son vulnerables

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-04-15 CVE Reserved
  • 2021-06-21 CVE Published
  • 2024-03-06 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-384: Session Fixation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Joomla
Search vendor "Joomla"
 Joomla\!
Search vendor "Joomla" for product "Joomla\!"
 >= 1.5.0 <= 1.5.15
Search vendor "Joomla" for product "Joomla\!" and version " >= 1.5.0 <= 1.5.15"
-
Affected