CVE-2024-27179

Опубликовано: 14 июн. 2024

Источник: nvd

CVSS3: 4.7

EPSS Низкий

Описание

Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.

Ссылки

http://seclists.org/fulldisclosure/2024/Jul/1
https://jvn.jp/en/vu/JVNVU97136265/index.html
https://www.toshibatec.com/information/20240531_01.html
https://www.toshibatec.com/information/pdf/information20240531_01.pdf
http://seclists.org/fulldisclosure/2024/Jul/1
https://jvn.jp/en/vu/JVNVU97136265/index.html
https://www.toshibatec.com/information/20240531_01.html
https://www.toshibatec.com/information/pdf/information20240531_01.pdf

EPSS

Процентиль: 8%

0.0003

Низкий

4.7 Medium

CVSS3

Дефекты

CWE-1295

Связанные уязвимости

GHSA-q76q-cwc5-25wv