exploitDog

GHSA-vhc8-mq4m-7gwx

Опубликовано: 15 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

Ссылки

EPSS

Процентиль: 32%

0.00122

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-290

Связанные уязвимости

CVE-2024-23558

CVSS3: 6.3

nvd

почти 2 года назад

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

EPSS

Процентиль: 32%

0.00122

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-290