CVE-2017-12619
published 2019-04-23CVE-2017-12619: Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
high8.1CVSS 3.0
AVNACLPRNUIRSUCHIHAN
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | zeppelin | < 0.7.3 | 0.7.3 |
| apache_software_foundation | apache_zeppelin | — | — |