← Zuruck zu CVEs
CVE-2019-14826
MEDIUM4.4
Beschreibung
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.
CVE Details
CVSS v3.1 Bewertung4.4
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht9/17/2019
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
freeipa:freeiparedhat:enterprise_linux
Schwachen (CWE)
CWE-613CWE-613
Referenzen
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14826(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14826(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.