Опубликовано: 22 сент. 2022
Источник: github
Github: Прошло ревью
CVSS4: 5.3
CVSS3: 4.4
Описание
OctoPrint vulnerable to Insufficient Session Expiration.
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists. This issue is fixed in version 1.8.3.
Пакеты
Наименование
OctoPrint
pip
Затронутые версииВерсия исправления
< 1.8.3
1.8.3
Связанные уязвимости
CVSS3: 4.4
nvd
больше 3 лет назад
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
CVSS3: 4.4
debian
больше 3 лет назад
If an attacker comes into the possession of a victim's OctoPrint sessi ...