Lucene search
K

4 matches found

Circl
Circl
added 2023/01/18 12:15 a.m.5 views

CVE-2023-22732

creationtimestamp| type| source ---|---|--- 2023-01-18 00:15:45+00:00| seen| https://t.me/cibsecurity/56638...

9.8CVSS8.7AI score0.0073EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/17 9:34 p.m.7 views

CVE-2023-22732 Insufficient Session Expiration in Administration in shopware

Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...

3.7CVSS7AI score0.0073EPSS
Exploits0References3
CVE
CVE
added 2023/01/17 9:34 p.m.114 views

CVE-2023-22732

Shopware administration session expiration was set to one week, enabling reuse of a stolen session cookie. The issue is documented across multiple sources (CVE-2023-22732) and is mitigated by updating to version 6.4.18.1, which adds automatic logout after inactivity. The vulnerability affects the...

9.8CVSS6.6AI score0.0073EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/01/17 9:34 p.m.25 views

CVE-2023-22732 Insufficient Session Expiration in Administration in shopware

Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...

3.7CVSS9.7AI score0.0073EPSS
Exploits0References3
Rows per page
Query Builder