Lucene search
Ecc0f906-8666-484c-bcf8-c3b7520a72f0NVD:CVE-2024-27179HistoryJun 14, 2024 - 4:15 a.m.
CVE-2024-27179
2024-06-1404:15:39
CWE-1295
ecc0f906-8666-484c-bcf8-c3b7520a72f0
web.nvd.nist.gov
3
clear-text
admin cookies
logs
authentication bypass
reference url
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
15.6%
Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.
Related
cve
cve
CVE-2024-27179
2024-06-14 04:15:39
vulnrichment
vulnrichment
CVE-2024-27179 Session disclosure inside the log files
2024-06-14 04:09:24
cvelist
cvelist
CVE-2024-27179 Session disclosure inside the log files
2024-06-14 04:09:24
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
15.6%
Related for NVD:CVE-2024-27179