Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:10844
HistoryJan 15, 2019 - 8:52 a.m.

Privilege Escalation

2019-01-1508:52:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.001 Low

EPSS

Percentile

34.4%

The Luci in Red Hat Conga is vulnerable to privilege escalation. Storing usernames and passwords in __ac session cookies leads to incorrect session inactivity timeout and to get access to the user credential via the cookie.

0.001 Low

EPSS

Percentile

34.4%