Описание
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for the admin account, which makes it easier for remote attackers to obtain administrative privileges by sniffing the network.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| edgy | ignored | end of life, was needs-triage |
| feisty | ignored | end of life, was needs-triage |
| gutsy | ignored | end of life, was needs-triage |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE |
Показывать по
10
Ссылки на источники
10 Critical
CVSS2
Связанные уязвимости
nvd
почти 18 лет назад
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for the admin account, which makes it easier for remote attackers to obtain administrative privileges by sniffing the network.
debian
почти 18 лет назад
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 enco ...
10 Critical
CVSS2