5 matches found
CVE-2023-23614
Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...
Pi-hole Web Interface 4.x < 5.8.13 Insufficient Session Expiration Vulnerability
The Pi-hole Web Interface previously AdminLTE is prone to an insufficient session expiration vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2023-23614 Improper session handling of "Remember me for 7 days" functionality
Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...
CVE-2023-23614 Improper session handling of "Remember me for 7 days" functionality
Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...
CVE-2023-23614
Pi-hole Web Interface (AdminLTE) versions 4.0–5.18.2 are affected by Insufficient Session Expiration due to improper use of the admin WEBPASSWORD hash as the Remember me for 7 days cookie. The cookie’s value can be used to login (pass-the-hash) and remains valid so long as the admin password is u...