CVE-2017-5141
N/A
N/A
Summary
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invalidating any existing session identifier, which gives the opportunity to steal authenticated sessions (SESSION FIXATION).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Honeywell XL Web II Controller | Honeywell XL Web II Controller | affected |
Weaknesses
- Honeywell XL Web II Controller SESSION FIXATION
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.