Lucene search
+L

4 matches found

NVD
NVD
added 2020/06/22 4:15 p.m.22 views

CVE-2020-6644

An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks...

8.1CVSS0.01028EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/22 3:23 p.m.25 views

CVE-2020-6644

An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks...

8.1AI score0.01028EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/06/22 3:23 p.m.11 views

CVE-2020-6644

An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks...

7.2AI score0.01028EPSS
Exploits0References1
CVE
CVE
added 2020/06/22 3:23 p.m.48 views

CVE-2020-6644

FortiDeceptor 3.0.0 and earlier suffer an insufficient session expiration vulnerability: an attacker who obtains an unexpired admin session ID can reuse it to gain admin privileges after logout. The connected sources confirm the affected product and the root cause (unexpired session IDs) but do n...

8.1CVSS8AI score0.01028EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder