CVE-2018-10847

🗓️ 30 Jul 2018 17:00:29Reported by redhatType

Prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass

Reporter	Title	Published	Views	Family All 28
SUSE Linux	Security update for prosody (moderate)	9 Jun 201815:11	–	suse
SUSE Linux	Security update for prosody (moderate)	9 Jun 201815:13	–	suse
Tenable Nessus	Ubuntu 18.04 ESM : Prosody vulnerability (USN-4834-1)	16 Oct 202300:00	–	nessus
Tenable Nessus	Fedora 27 : prosody (2018-455803056d)	11 Jun 201800:00	–	nessus
Tenable Nessus	Debian DSA-4216-1 : prosody - security update	5 Jun 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : prosody (openSUSE-2019-414)	27 Mar 201900:00	–	nessus
Tenable Nessus	Fedora 28 : prosody (2018-18f8c6ce79)	3 Jan 201900:00	–	nessus
Tenable Nessus	openSUSE Security Update : prosody (openSUSE-2018-596)	11 Jun 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : prosody (openSUSE-2018-597)	12 Jun 201800:00	–	nessus
UbuntuCve	CVE-2018-10847	30 Jul 201800:00	–	ubuntucve

Nvd

Vulners

Node

prosody prosodyRange<0.9.14

prosody prosodyMatch0.10.0

prosody prosodyMatch0.10.1

[
  {
    "product": "prosody",
    "vendor": "[UNKNOWN]",
    "versions": [
      {
        "status": "affected",
        "version": "0.10.2"
      },
      {
        "status": "affected",
        "version": "0.9.14"
      }
    ]
  }
]

Source	Link
prosody	www.prosody.im/security/advisory_20180531/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
blog	www.blog.prosody.im/prosody-0-10-2-security-release/
debian	www.debian.org/security/2018/dsa-4216
issues	www.issues.prosody.im/1147

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Jul 2018 17:29Current

8.3High risk

Vulners AI Score8.3

CVSS26.5

CVSS34.2 - 8.8

EPSS0.00223