CVE-2014-4691 — Pfsense vulnerability

2 documents2 sources
Severity
6.8MEDIUMNVD
EPSS
0.1%
top 69.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netgate Pfsense
Timeline
PublishedJul 2
Latest updateMay 14

Description

Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

â–¶NVDnetgate/pfsense2.1.3

🔴Vulnerability Details

1
GHSA
GHSA-jp47-6h9w-h86v: Session fixation vulnerability in pfSense before 2↗2022-05-14
â–¶
CVE-2014-4691 — Netgate Pfsense vulnerability | cvebase