ByteOS Network

NVD Vulnerability Details :

CVE-2022-30769

Modified

Source-cve@mitre.org

Published At-15 Nov, 2022 | 22:15

Updated At-30 Apr, 2025 | 17:15

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	4.6	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Secondary	3.1	4.6	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Type: Primary

Version: 3.1

Base score: 4.6

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Type: Secondary

Version: 3.1

Base score: 4.6

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

zoneminder>>zoneminder>>Versions up to 1.36.12(inclusive)

CWE ID	Type	Source
CWE-384	Primary	nvd@nist.gov
CWE-384	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-384

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-384

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Hyperlink	Source	Resource
https://github.com/ZoneMinder/zoneminder/releases	cve@mitre.org	Third Party Advisory
https://medium.com/%40dk50u1/session-fixation-in-zoneminder-up-to-v1-36-12-3c850b1fbbf3	cve@mitre.org	N/A
https://github.com/ZoneMinder/zoneminder/releases	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://medium.com/%40dk50u1/session-fixation-in-zoneminder-up-to-v1-36-12-3c850b1fbbf3	af854a3a-2127-422b-91ae-364da2661108	N/A