Vendor: Apache Axis2
By:
CVSS: 8.1 (HIGH)
CWE: 384 (Session Fixation)
Product Name: Apache Axis2
Affected Version From: 1.5
Affected Version To:
Patch Exists: YES
Related CWE:
CPE: a:apache:axis2:1.5
Platforms Tested: Windows, Linux, Mac
Apache Axis2 Session Fixation Vulnerability
The Apache Axis2 web application framework is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application.
Mitigation:
To mitigate this vulnerability, it is recommended to update to the latest version of Apache Axis2. Additionally, session management techniques such as session regeneration and session expiration should be implemented.
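The two session management techniques named above, session regeneration and session expiration, are sketched below as an added example. It is not Axis2 code: it is a framework-agnostic in-memory store, and `SessionStore`, its method names and both timeout values are assumptions chosen for illustration.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60        # assumed idle limit, in seconds
ABSOLUTE_TIMEOUT = 8 * 3600   # assumed hard session lifetime, in seconds


class SessionStore:
    """Hypothetical in-memory session table keyed by server-issued IDs."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable so expiry can be tested
        self._sessions = {}

    def create(self, user=None):
        # IDs are always generated server-side from a CSPRNG; an ID
        # supplied by the client is never adopted as a session key.
        sid = secrets.token_urlsafe(32)
        now = self._clock()
        self._sessions[sid] = {"user": user, "created": now, "seen": now}
        return sid

    def get(self, sid):
        """Return the live session for sid, or None if unknown or expired."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        now = self._clock()
        idle = now - session["seen"]
        age = now - session["created"]
        if idle > IDLE_TIMEOUT or age > ABSOLUTE_TIMEOUT:
            # Session expiration: drop the entry so the ID cannot be reused.
            del self._sessions[sid]
            return None
        session["seen"] = now
        return session

    def login(self, presented_sid, user):
        """Session regeneration: issue a fresh ID at authentication time."""
        # Invalidate whatever ID the request arrived with, valid or not,
        # so an ID known before login carries no authenticated state after.
        self._sessions.pop(presented_sid, None)
        return self.create(user=user)

    def logout(self, sid):
        # Explicit invalidation on logout instead of waiting for expiry.
        self._sessions.pop(sid, None)
```

The caller must send the ID returned by `login` back to the client as the new session cookie and stop honouring the old one.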