Lucene search

K
prionPRIOn knowledge basePRION:CVE-2019-5885
HistoryMar 21, 2019 - 4:01 p.m.

Authentication flaw

2019-03-2116:01:00
PRIOn knowledge base
www.prio-n.com
1

7.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users.

CPENameOperatorVersion
fedoraeq28
fedoraeq29
synapselt0.34.0.1

7.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%