Vulnerability in Netgate Pfsense

CVE-2014-4691

Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.

EPSS: 0.026 (83.0th percentile) — read the EPSS interpretation.

Affected products

Netgate Pfsense
N/a — versions n/a

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)