Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2018-7675
HistoryMar 07, 2018 - 10:29 p.m.

Design/Logic Flaw

2018-03-0722:29:00
PRIOn knowledge base
www.prio-n.com
3

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sentinel Web Interface. After performing some tasks within Sentinel the user does not log out but does go idle for a period of time. This in turn causes the interface to timeout so that it requires the user to re-authenticate. If another user is passing by and decides to login, their credentials are accepted. While The user does not inherit any of the other users privileges, they are able to view the previous screen. In this case it is possible that the user can see another users events or configuration information for whatever view is currently showing.

CPENameOperatorVersion
sentinelle8.1

Related

nvd 1
cve 1
cvelist 1
nvd
nvd
CVE-2018-7675
2018-03-07 22:29:00
cve
cve
CVE-2018-7675
2018-03-07 22:29:00
cvelist
cvelist
CVE-2018-7675 Potential Information Disclosure in Sentinel
2018-03-07 22:00:00

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON
Related for PRION:CVE-2018-7675
nvd1cve1cvelist1