← Back to CVEs
CVE-2018-4300
N/ADescription
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.
CVE Details
CVSS v3.1 ScoreN/A
Published4/3/2019
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
apple:cups
Weaknesses (CWE)
CWE-200
References
http://www.securityfocus.com/bid/107785(product-security@apple.com)
https://github.com/apple/cups/releases/tag/v2.2.10(product-security@apple.com)
https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html(product-security@apple.com)
http://www.securityfocus.com/bid/107785(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/apple/cups/releases/tag/v2.2.10(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.