
Security Assessment


Risk: 4.8
Probability: 2.2
Impact: 2.5
CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N




Vulnerability Information


Application functions related to authentication and session management are often implemented incorrectly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users' identities temporarily or permanently.

By abusing such a vulnerability, an attacker may be able to hijack user sessions and access or modify information for which they have no permission.





Contribute


If you are facing an issue that is not covered in our guides, we are happy to include solutions here. Please send us an e-mail at support@crashtest-security.com.



Crashtest Security


Crashtest Security is a start-up based in Munich, Germany, that redefines web application vulnerability scans. The Crashtest Security Suite differentiates itself as a fully automated vulnerability scanner, enhanced with artificial intelligence and developed for the needs of the agile developer or SecDevOps. It provides clear vulnerability insights as well as contextual, actionable insights for risk mitigation.



