Lucene search
GoogleOSV:GO-2024-2532HistoryJun 28, 2024 - 3:28 p.m.
Boundary vulnerable to session hijacking through TLS certificate tampering in github.com/hashicorp/boundary
2024-06-2815:28:53
Google
osv.dev
2
boundary
session hijacking
tls certificate
github.com/hashicorp/boundary
software
8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.4%
Boundary vulnerable to session hijacking through TLS certificate tampering in github.com/hashicorp/boundary
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/hashicorp/boundary | ge | 0.8.0 | |
| github.com/hashicorp/boundary | lt | 0.15.0 |
Related
nvd
nvd
CVE-2024-1052
2024-02-05 21:15:11
osv
osv
Boundary vulnerable to session hijacking through TLS certificate tampering
2024-02-05 21:30:31
github
github
Boundary vulnerable to session hijacking through TLS certificate tampering
2024-02-05 21:30:31
prion
prion
Session fixation
2024-02-05 21:15:00
vulnrichment
vulnrichment
veracode
veracode
Session Hijacking
2024-02-06 14:39:43
cve
cve
CVE-2024-1052
2024-02-05 21:15:11
cvelist
cvelist
8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.4%
Related for OSV:GO-2024-2532