CVE-2024-11627

Summary

: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421.

Affected Software

VendorProductVersion RangeStatus
ProgressSitefinity4.0 <= 14.4.8142affected
ProgressSitefinity15.0.8200 <= 15.0.8229affected
ProgressSitefinity15.1.8300 <= 15.1.8327affected
ProgressSitefinity15.2.8400 <= 15.2.8421affected

Weaknesses

  • CWE-613: CWE-613: Insufficient Session Expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References