exploitDog

CVE-2021-38823

Опубликовано: 04 окт. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin session that is opened in a different browser.

Ссылки

https://www.navidkagalwalla.com/icehrm-vulnerabilities
Exploit
Third Party Advisory
https://www.navidkagalwalla.com/icehrm-vulnerabilities
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:icehrm:icehrm:30.0.0.os:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00377

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-613

Связанные уязвимости

GHSA-v2x8-2rv7-79j3

github

больше 3 лет назад

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin session that is opened in a different browser.

EPSS

Процентиль: 59%

0.00377

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-613