3 matches found
CVE-2018-20238
Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability...
CVE-2018-20238
CVE-2018-20238 affects Atlassian Crowd: remote attackers can authenticate using an expired user session due to insufficient session expiration. Affected versions are Crowd prior to 3.2.7 and 3.3.0 up to 3.3.4. This is described as an authentication issue in various REST resources, enabling sessio...
Insufficient Session Expiration of user sessions - CVE-2018-20238
Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability...