Session Fixation

Severity: High | CWE: CWE-384 | OWASP: A07:2021 – Identification and Authentication Failures

What Is Session Fixation? Session fixation occurs when an application does not issue a new session identifier after successful authentication. An attacker who can set or predict the victim’s pre-authentication session ID can then wait for the victim to log in and immediately reuse that same ID to gain authenticated access. The classic scenario requires the attacker to be able to push a known session ID to the victim — via URL parameter, cookie injection, or subdomain cookie injection. ...

February 24, 2026 · 8 min · MrAzoth

Session Puzzling / Session Variable Overloading

Severity: High | CWE: CWE-384, CWE-613 | OWASP: A07:2021 – Identification and Authentication Failures

What Is Session Puzzling? Session Puzzling (also called Session Variable Overloading) is a vulnerability where the same session variable is used for different purposes in different application contexts, and an attacker can exploit this reuse to bypass authentication or authorization controls. The core issue: when the same key in the session store holds a different semantic meaning depending on which workflow put it there, an attacker can use one workflow to set a value that satisfies the check in another workflow. ...

February 24, 2026 · 9 min · MrAzoth