exploitDog

GHSA-53pg-hp8w-g7j6

Опубликовано: 01 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions.

Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions.

Ссылки

EPSS

Процентиль: 85%

0.02504

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-331

Связанные уязвимости

CVE-2023-38357

CVSS3: 5.3

nvd

больше 2 лет назад

Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions.

EPSS

Процентиль: 85%

0.02504

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-331