Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2008-1396
HistoryMar 20, 2008 - 12:00 a.m.

CVE-2008-1396

2008-03-2000:00:00
mitre
www.cve.org

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON

Plone CMS 3.x uses invariant data (a client username and a server secret) when calculating an HMAC-SHA1 value for an authentication cookie, which makes it easier for remote attackers to gain permanent access to an account by sniffing the network.

Related

cve 1
osv 1
nvd 1
ubuntucve 1
github 1
prion 1
cve
cve
CVE-2008-1396
2008-03-20 00:44:00
osv
osv
Plone credentials stored in session cookie
2022-05-01 23:39:47
nvd
nvd
CVE-2008-1396
2008-03-20 00:44:00
ubuntucve
ubuntucve
CVE-2008-1396
2008-03-20 00:00:00
github
github
Plone credentials stored in session cookie
2022-05-01 23:39:47
prion
prion
Authentication flaw
2008-03-20 00:44:00

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON
Related for CVELIST:CVE-2008-1396
cve1osv1nvd1ubuntucve1github1prion1