3 matches found
CVE-2023-41041
CVE-2023-41041 concerns Graylog2-server where, in a multi-node cluster, a user session can remain valid for API requests after logout due to per-node session caching. When a user logs out, local caches are cleared and the database may delete the session, but other nodes retain a cached copy, allo...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41041 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)
org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41041 Source advisory: OSV:GHSA-3FQM-FRHG-7C85...
CVE-2023-41041
creationtimestamp| type| source ---|---|--- 2023-07-05 16:13:23+00:00| published-proof-of-concept| https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-3fqm-frhg-7c85 2023-08-31 02:23:00+00:00| seen| https://t.me/cibsecurity/69489...