Описание
The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:realchat:realchat:3.5.1b:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00669
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.
EPSS
Процентиль: 71%
0.00669
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other