Описание
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for the admin account, which makes it easier for remote attackers to obtain administrative privileges by sniffing the network.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| edgy | ignored | end of life, was needs-triage |
| feisty | ignored | end of life, was needs-triage |
| gutsy | ignored | end of life, was needs-triage |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 82%
0.0167
Низкий
10 Critical
CVSS2
Связанные уязвимости
nvd
больше 17 лет назад
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for the admin account, which makes it easier for remote attackers to obtain administrative privileges by sniffing the network.
debian
больше 17 лет назад
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 enco ...
EPSS
Процентиль: 82%
0.0167
Низкий
10 Critical
CVSS2