Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application.
AnalysisAI
Session fixation vulnerability in docuFORM Managed Print Service Client 11.11c allows unauthenticated remote attackers to hijack user sessions via the login page, enabling unauthorized access to application functions and potential disclosure of sensitive print job data. The vulnerability requires user interaction (clicking a malicious link) and affects confidentiality and integrity with a CVSS score of 5.4. No public exploit code or active exploitation has been confirmed at the time of analysis.
Technical ContextAI
The vulnerability is a session fixation attack (CWE-384) occurring at the application's authentication layer. Session fixation exploits occur when an application fails to invalidate and regenerate session identifiers upon successful user authentication. An attacker can pre-establish a known session ID, trick a user into authenticating with that session, and then reuse the same session ID to impersonate the authenticated user. In this case, the flaw exists in the login page of docuFORM's Managed Print Service Client, a print management application. The attack vector is network-based and does not require authentication or special privileges from the attacker, but does require user interaction (UI:R), indicating the victim must be socially engineered or tricked into accessing a malicious link or form that fixes the session identifier.
RemediationAI
Contact docuFORM support at docuform.de to determine if a patched version of the Managed Print Service Client is available, as no specific patch version is confirmed in the available source data. If a patch has not been released, implement immediate compensating controls: enforce HTTPS-only communication for all login sessions to prevent session ID interception in transit; configure browsers and proxies to enforce secure session cookie attributes (Secure, HttpOnly, SameSite=Strict) to limit attacker ability to inject or steal session tokens; educate users not to click suspicious links that pre-establish session parameters and to always log in directly by typing the application URL; and implement server-side session validation requiring users to re-authenticate when accessing sensitive print job functions. Monitor for suspicious session activity, such as multiple login attempts from different IP addresses using the same session ID. If the vendor publishes an update, upgrade to the patched version immediately and regenerate all active sessions upon deployment.
More in Session Fixation
View allSession fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web sessions via the PHPSESSID pa
Improper session management in the /login_ok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session
Tiny File Manager v2.4.7 and below is vulnerable to session fixation. Rated critical severity (CVSS 9.8), this vulnerabi
A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /login
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. Rated criti
An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to exe
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to ex
Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7. Rated critical severity (CVSS 9.8), this vulnerab
Certain NetModule devices allow Limited Session Fixation via PHPSESSID. Rated critical severity (CVSS 9.8), this vulnera
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Rated critical severity (CVSS 9.8), this v
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests be
Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." s
Same weakness CWE-384 – Session Fixation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209774
GHSA-m2fh-h99m-5gh4