CVE-2018-1127
CVE-2018-1127 affects Tendrl API in Red Hat Gluster Storage prior to 3.4.0, where session tokens are not immediately invalidated on logout and remain usable for a short window. This allows an attacker who captured tokens (e.g., via sniffing/MITM) to replay them and authenticate as the target user...