CVE-2024-56529
Published Jan 28, 2025
Last updated 9 days ago
- Description: Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access the victim's web panel with the same session identifier.
- Source: cve@mitre.org
- NVD status: Awaiting Analysis
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-384
- Hype score: Not currently trending
#Vulnerability #CVE202456529 CVE-2024-56529: mailcow Patches Session Fixation Vulnerability in Web Panel https://t.co/qi8HhOvOgB
@Komodosec
11 Feb 2025
CVE-2024-56529: Session Fixation in Mailcow, 7.5 rating❗️ App does not disable old session IDs, which allows a remote attacker to use existing IDs in the victim's browser. Search at https://t.co/hv7QKSr5Jp: 👉 Link: https://t.co/CUwxrwOKlp #cybersecurity #vulnerability_map htt
@Netlas_io
3 Feb 2025
Top 5 Trending CVEs: 1 - CVE-2024-56529 2 - CVE-2025-0950 3 - CVE-2025-24118 4 - CVE-2025-21293 5 - CVE-2024-43707 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
3 Feb 2025
🚨🚨CVE-2024-56529: mailcow Patches Session Fixation Vulnerability in Web Panel ⚠️It stems from the login page’s failure to invalidate existing session identifiers, potentially allowing attackers to set a session identifier in a user’s browser and gain unauthorized access to… htt
@y1659rsgh
2 Feb 2025
🚨🚨CVE-2024-56529: mailcow Patches Session Fixation Vulnerability in Web Panel ⚠️It stems from the login page’s failure to invalidate existing session identifiers, potentially allowing attackers to set a session identifier in a user’s browser and gain unauthorized access to… htt
@zoomeye_team
2 Feb 2025
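A session fixation vulnerability has been fixed in mailcow. CVE-2024-56529 has a CVSS score of 7.0 and stems from existing session IDs not being invalidated on the login page, which could allow unauthorized access by an attacker setting a session ID in the user's browser. https://t.co/dAxFsNCeJy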
@__kokumoto
2 Feb 2025
CVE-2024-56529: mailcow Patches Session Fixation Vulnerability in Web Panel Discover the CVE-2024-56529 vulnerability in mailcow and its potential impact on user sessions. Take steps to protect your account. https://t.co/vNblcGcyTx
@the_yellow_fall
2 Feb 2025
🗣 CVE-2024-56529: mailcow Patches Session Fixation Vulnerability in Web Panel https://t.co/NegmMMYMIt
@fridaysecurity
2 Feb 2025
CVE-2024-56529 Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a vict… https://t.co/tjDwtF4gwP
@CVEnew
28 Jan 2025