Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:41 a.m.13 views

CVE-2023-23614

Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...

8.8CVSS6.7AI score0.0097EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/02/01 12:0 a.m.21 views

Pi-hole Web Interface 4.x < 5.8.13 Insufficient Session Expiration Vulnerability

The Pi-hole Web Interface previously AdminLTE is prone to an insufficient session expiration vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

8.8CVSS8.5AI score0.0097EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/26 10:15 a.m.44 views

CVE-2023-23614 Improper session handling of "Remember me for 7 days" functionality

Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...

8.8CVSS8.8AI score0.0097EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/26 10:15 a.m.12 views

CVE-2023-23614 Improper session handling of "Remember me for 7 days" functionality

Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...

8.8CVSS8.8AI score0.0097EPSS
Exploits1References1
CVE
CVE
added 2023/01/26 10:15 a.m.93 views

CVE-2023-23614

Pi-hole Web Interface (AdminLTE) versions 4.0–5.18.2 are affected by Insufficient Session Expiration due to improper use of the admin WEBPASSWORD hash as the Remember me for 7 days cookie. The cookie’s value can be used to login (pass-the-hash) and remains valid so long as the admin password is u...

8.8CVSS8.6AI score0.0097EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder