How severe is CVE-2024-0351?

This vulnerability has a severity rating of LOW with a CVSS score of 3.5 out of 10.

What type of vulnerability is CVE-2024-0351?

This is classified as CWE-384, which is a common weakness in software security.

CVE-2024-0351 - LOW Severity | CVSS 3.5

Vulnerability Description

A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250119.

Related Vulnerabilities

CVE-2017-1270

LOW

CVSS:3.3(Low)

IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie...

CWE-3842017

CVE-2018-11567

LOW

CVSS:3.3(Low)

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds,...

CWE-3842018

CVE-2018-1484

LOW

CVSS:3.7(Low)

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a...

CWE-3842018

CVE-2018-1804

LOW

CVSS:3.7(Low)

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obta...

CWE-3842018

CVE-2018-1962

LOW

CVSS:3.3(Low)

IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed. The lack of proper session termination may allow attackers with local access...

CWE-3842018

CVE-2019-4563

LOW

CVSS:3.7(Low)

IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or ...

CWE-3842019