Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2008-1396
HistoryMar 20, 2008 - 12:44 a.m.

Authentication flaw

2008-03-2000:44:00
PRIOn knowledge base
www.prio-n.com
1

7.6 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON

Plone CMS 3.x uses invariant data (a client username and a server secret) when calculating an HMAC-SHA1 value for an authentication cookie, which makes it easier for remote attackers to gain permanent access to an account by sniffing the network.

Related

cve 1
osv 1
cvelist 1
nvd 1
ubuntucve 1
github 1
cve
cve
CVE-2008-1396
2008-03-20 00:44:00
osv
osv
Plone credentials stored in session cookie
2022-05-01 23:39:47
cvelist
cvelist
CVE-2008-1396
2008-03-20 00:00:00
nvd
nvd
CVE-2008-1396
2008-03-20 00:44:00
ubuntucve
ubuntucve
CVE-2008-1396
2008-03-20 00:00:00
github
github
Plone credentials stored in session cookie
2022-05-01 23:39:47

7.6 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON
Related for PRION:CVE-2008-1396
cve1osv1cvelist1nvd1ubuntucve1github1