{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-09T11:35:15.859","vulnerabilities":[{"cve":{"id":"CVE-2019-10158","sourceIdentifier":"secalert@redhat.com","published":"2020-01-02T15:15:11.647","lastModified":"2024-11-21T04:18:32.437","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling."},{"lang":"es","value":"Se encontró un fallo en Infinispan versiones hasta la versión 9.4.14.Final. Una implementación inapropiada de la protección de fijación de sesión en la integración de Spring Session puede resultar en un manejo de sesión incorrecto."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-384"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-384"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:infinispan:infinispan:*:*:*:*:*:*:*:*","versionEndIncluding":"9.4.14","matchCriteriaId":"18DD24C6-07DC-4EB0-926A-475ED217F555"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10158","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/infinispan/infinispan/pull/6960","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://github.com/infinispan/infinispan/pull/7025","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20231227-0009/","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10158","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/infinispan/infinispan/pull/6960","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/infinispan/infinispan/pull/7025","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20231227-0009/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}