CVE-2024-4596

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-4596

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-4596.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-4596

Aliases

GHSA-6f3v-2r2j-2rpr

Published

2024-05-07T16:15:08Z

Modified

2025-05-24T03:39:44.514423Z

Summary

[none]

Details

A vulnerability was found in Kimai up to 2.15.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Session Handler. The manipulation of the argument PHPSESSIONID leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 2.16.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-263318 is the identifier assigned to this vulnerability.

References

Affected packages

Git / github.com/kimai/kimai

Affected ranges

Type: GIT
Repo: https://github.com/kimai/kimai
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

99c296a751d66cdc64196af8f2daaf7f9b8dd416

Fixed

99c296a751d66cdc64196af8f2daaf7f9b8dd416

Affected versions

0.*

0.1

0.2

0.3

0.4

0.5

0.6

0.6.1

0.7

0.8

0.8.1

0.9

1.*

1.0

1.0.1

1.1

1.10

1.10.1

1.10.2

1.11

1.11.1

1.12

1.13

1.14

1.14.1

1.14.2

1.14.3

1.15

1.15.1

1.15.2

1.15.3

1.15.4

1.15.5

1.15.6

1.16

1.16.1

1.16.10

1.16.2

1.16.3

1.16.4

1.16.5

1.16.6

1.16.7

1.16.8

1.16.9

1.17

1.17.1

1.18

1.18.1

1.18.2

1.19

1.19.1

1.19.2

1.19.3

1.19.4

1.19.5

1.19.6

1.19.7

1.2

1.20

1.20.1

1.20.2

1.20.3

1.20.4

1.21.0

1.22.0

1.22.1

1.23.0

1.23.1

1.24.0

1.25.0

1.26.0

1.27.0

1.28.0

1.28.1

1.29.0

1.29.1

1.3

1.30.0

1.30.1

1.30.4

1.4

1.4.1

1.4.2

1.5

1.6

1.6.1

1.6.2

1.7

1.8

1.9

2.*

2.0.0

2.0.0-alpha

2.0.0-beta

2.0.0-beta-2

2.0.0-beta-3

2.0.0-rc-1

2.0.1

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.19

2.0.2

2.0.20

2.0.21

2.0.22

2.0.23

2.0.24

2.0.25

2.0.26

2.0.27

2.0.28

2.0.29

2.0.3

2.0.30

2.0.31

2.0.32

2.0.33

2.0.34

2.0.35

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

2.1.0

2.10.0

2.11.0

2.12.0

2.13.0

2.14.0

2.15.0

2.2.0

2.2.1

2.3.0

2.4.0

2.4.1

2.5.0

2.6.0

2.7.0

2.8.0

2.9.0