Broadcom PAM Server Session Fixation Vulnerability

Vulnerability

A session fixation vulnerability has been identified in the Broadcom PAM server. It allows a malicious actor to manipulate the session of a PAM user by enticing them to click a specially crafted link. Once the user clicks the link, the attacker's session is established with the targeted PAM user.

Impact

Exploiting this vulnerability results in session fixation: an attacker can hijack a user's session by fixing it to the attacker's own.
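The usual server-side control for session fixation is to bind the authenticated state to a fresh, server-generated session identifier at login and invalidate the pre-login one. The sketch below is an added illustration of that check, not Broadcom PAM code and not part of the advisory; the `SessionStore` class, its methods, and the user name are hypothetical.

```python
import secrets


class SessionStore:
    """In-memory session table: session id -> authenticated user (None = anonymous)."""

    def __init__(self, rotate_on_login):
        self.rotate_on_login = rotate_on_login
        self.sessions = {}

    def new_session(self):
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = None
        return sid

    def login(self, presented_sid, user):
        """Authenticate `user`; return the session id the client must use afterwards."""
        if not self.rotate_on_login:
            # Weak behaviour: the pre-login id (possibly chosen by someone else
            # and delivered in a link) is kept and simply marked authenticated.
            self.sessions[presented_sid] = user
            return presented_sid
        # Hardened behaviour: discard whatever id arrived with the request and
        # bind the authenticated state to a fresh, server-generated id.
        self.sessions.pop(presented_sid, None)
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = user
        return sid

    def whoami(self, sid):
        return self.sessions.get(sid)


def fixed_id_survives_login(store):
    """Regression check: True if an id known before login is authenticated after it."""
    pre_login_sid = store.new_session()  # id that a third party could also know
    post_login_sid = store.login(pre_login_sid, "pam-user")  # constructed user name
    assert store.whoami(post_login_sid) == "pam-user"
    return store.whoami(pre_login_sid) == "pam-user"


if __name__ == "__main__":
    print("no rotation:", fixed_id_survives_login(SessionStore(rotate_on_login=False)))
    print("rotation   :", fixed_id_survives_login(SessionStore(rotate_on_login=True)))
```

A check shaped like `fixed_id_survives_login` can be run against a real login flow as a regression test: the session identifier observed before authentication must not be valid afterwards.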

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 0.6
exploitability: 6.0
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.