Lucene search
China National Vulnerability DatabaseCNVD-2024-09866HistoryFeb 22, 2024 - 12:00 a.m.
Graylog Authorization Issues Vulnerability
2024-02-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
graylog
authorization
vulnerability
cookie injection
authentication bypass
log management
Graylog is a centralized log management solution from Graylog USA. The product supports capturing, storing and analyzing logs in real time, among other things. Graylog has an authorization issue vulnerability that stems from the presence of a cookie injection vulnerability. A remote attacker could exploit this vulnerability to cause authentication bypass.
| CPE | Name | Operator | Version |
|---|---|---|---|
| graylog graylog >=5.2.0, | lt | 5.2.4 | |
| graylog graylog >=4.3.0, | lt | 5.1.11 |
Related
cvelist
cvelist
veracode
veracode
Session Fixation
2024-02-08 06:46:44
github
github
Graylog session fixation vulnerability through cookie injection
2024-02-07 18:24:20
nvd
nvd
CVE-2024-24823
2024-02-07 18:15:54
osv
osv
Graylog session fixation vulnerability through cookie injection
2024-02-07 18:24:20
CVE-2024-24823
2024-02-07 18:15:54
cve
cve
CVE-2024-24823
2024-02-07 18:15:54
prion
prion
Cross site scripting
2024-02-07 18:15:00