Lucene search
K

5 matches found

CNNVD
CNNVD
added 2023/04/05 12:0 a.m.5 views

Cisco Duo 安全漏洞

Cisco Duo is a fully managed solution from Cisco, Inc. It provides secure access to your applications and data. A security vulnerability exists in Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP, which stems from session credentials that have not...

6.3CVSS5.2AI score0.00247EPSS
Exploits0References3
OSV
OSV
added 2022/02/11 11:42 p.m.34 views

GHSA-4W5X-X539-PPF5 Incorrect handling of credential expiry by /nats-io/nats-server

Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credentials; the library had an API which encouraged misuse and an IsRevoked method which misused its own API....

9.8CVSS9.5AI score0.02054EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/02/11 11:42 p.m.50 views

Incorrect handling of credential expiry by /nats-io/nats-server

Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credentials; the library had an API which encouraged misuse and an IsRevoked method which misused its own API....

9.8CVSS9.5AI score0.02054EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2021/05/21 4:11 p.m.22 views

GHSA-2C64-VJ8G-VWRQ Incorrect handling of credential expiry by /nats-io/nats-server

This advisory is canonically https://advisories.nats.io/CVE/CVE-2020-26892.txt Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credentials; the library had an...

9.8CVSS9.5AI score0.02054EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/05/21 4:11 p.m.53 views

Incorrect handling of credential expiry by /nats-io/nats-server

This advisory is canonically https://advisories.nats.io/CVE/CVE-2020-26892.txt Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credentials; the library had an...

9.8CVSS9.1AI score0.02054EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder