Unrated severityNVD Advisory· Published Aug 9, 2023· Updated Sep 20, 2024
Session Fixation in Guardian/CMC before 22.6.2
CVE-2023-24477
Description
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<22.6.2+ 1 more
- (no CPE)range: <22.6.2
- (no CPE)range: 0
- Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.