← Back

CVE-2007-5154

nvd nist
Published: Oct 1, 2007Modified: Apr 23, 2026

JSON object

Loading...
5.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:N
Exploitability: 8.6 / Impact: 4.9
Source: NVD

Description

Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.

Affected (2)

Products: Aimluck: Aipo, Aipo Asp
Aimluck
2 products
Aipo
Aipo Asp
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Aipo
Up to 3.0.1.0
Aipo Asp
Up to 3.0.1.0

Related CWEs

CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.