CVE-2011-4136 in djangoinformação

Sumário

de MITRE

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that session s identifier.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

19/10/2011

Divulgação

19/10/2011

Moderação

aceite

Entrada

VDB-59141

CPE

pronto

CWE

CWE-20 (confirmado)

CVSS

5.8 (NVD)

EPSS

0.02284

KEV

não

Atividades

muito baixo

Sector

Lawfirm, Hostingprovider, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4136
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4136
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4136/

◂ Voltar Visão Geral Próximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!