CVE-2022-30769

Опубликовано: 15 нояб. 2022

Источник: debian

Описание

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.

Пакет	Статус	Версия исправления	Релиз	Тип
zoneminder	unfixed			package

https://medium.com/@dk50u1/session-fixation-in-zoneminder-up-to-v1-36-12-3c850b1fbbf3
Only supported for trusted users/behind auth, see README.debian.security

CVE-2022-30769

CVSS3: 4.6

ubuntu

около 3 лет назад

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.

CVE-2022-30769

CVSS3: 4.6

nvd

около 3 лет назад

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.

GHSA-7jhg-5532-mghv

CVSS3: 4.6

github

около 3 лет назад

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.