logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-7347

Description

A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion from the users table. This allows a nonexistent user to access and modify records (add/delete Monitors, Users, etc.).


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 zoneminder any
ubuntu 22.04 zoneminder any
ubuntu upstream zoneminder any
ubuntu 14.04 zoneminder any
ubuntu upstream zoneminder any
ubuntu 16.04 zoneminder any

Related