CVE-2024-23590

CVE-2024-23590: Apache Kylin: Session fixation in web interface

Vendor Apache Software Foundation

Product Apache Kylin

Weakness CWE-384 · Session fixation

Published November 4, 2024

Last update November 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Session Fixation vulnerability in Apache Kylin. This issue affects Apache Kylin: from 2.0.0 through 4.x. Users are recommended to upgrade to version 5.0.0 or above, which fixes the issue.

Key dates

Disclosure timeline

November 4, 2024 CVE published

November 5, 2024 Record updated