CVE-2019-10136 in Spacewalkinfo

Zusammenfassung

von MITRE

It was found that Spacewalk, all versions through 2.8, did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Red Hat, Inc.

Reservieren

27.03.2019

Moderieren

akzeptiert

Eintrag

VDB-137186

CPE

bereit

CWE

CWE-347 (bestätigt)

CVSS

4.3 (NVD)

EPSS

0.00102

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-10136
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-10136
CVE Details	https://www.cvedetails.com/cve/CVE-2019-10136/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!