CVE-2021-42948

Опубликовано: 16 сент. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 3.7

Описание

HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	3.0.4-1
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	not-affected	3.0.4-1
esm-apps/xenial	needs-triage
focal	ignored	end of standard support, was needs-triage
impish	ignored	end of life
jammy	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2021-42948

EPSS

Процентиль: 40%

0.00185

Низкий

3.7 Low

CVSS3

Связанные уязвимости

CVE-2021-42948

CVSS3: 3.7

nvd

больше 3 лет назад

HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.

CVE-2021-42948

CVSS3: 3.7

debian

больше 3 лет назад

HotelDruid Hotel Management Software v3.0.3 and below was discovered t ...

GHSA-q4wp-vrv8-q2xh

CVSS3: 3.7

github

больше 3 лет назад

HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.

EPSS

Процентиль: 40%

0.00185

Низкий

3.7 Low

CVSS3

CVE-2021-42948

Описание

Пакет hoteldruid

Ссылки на источники

Связанные уязвимости