Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-10400

Опубликовано: 06 фев. 2020
Источник: debian
EPSS Низкий

Описание

The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
lua-cginot-affectedpackage

Примечания

  • https://seclists.org/fulldisclosure/2014/Apr/318

EPSS

Процентиль: 63%
0.00456
Низкий

Связанные уязвимости

nvd логотип

CVE-2014-10400

CVSS3: 6.1
nvd
около 6 лет назад

The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.

github логотип

GHSA-cj22-pqgj-4mxv

github
больше 3 лет назад

The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.

EPSS

Процентиль: 63%
0.00456
Низкий