CVE-2017-12619

Summary

Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Zeppelinprior to 0.7.3affected

Weaknesses

  • Session Fixation

ADP Enrichment

CVE Program Container

Additional References

References