Описание
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
Ссылки
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0.0 (включая) до 2.6.1 (исключая)
cpe:2.3:a:glewlwyd_project:glewlwyd:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00299
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 4 лет назад
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
CVSS3: 8.8
debian
около 4 лет назад
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access cont ...
CVSS3: 8.8
github
около 4 лет назад
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
EPSS
Процентиль: 53%
0.00299
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-287