Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.7
CVSSv2

CVE-2012-3359

Published: 31/03/2014 Updated: 07/11/2023
CVSS v2 Base Score: 3.7 | Impact Score: 6.4 | Exploitability Score: 1.9
VMScore: 329
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Conga

Vulnerability Summary

Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows malicious users to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7347 for the incorrect enforcement of a user timeout.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat conga

redhat enterprise linux 5

Vendor Advisories

Red Hat: Low: conga security, bug fix, and enhancement update
Synopsis Low: conga security, bug fix, and enhancement update Type/Severity Security Advisory: Low Topic Updated conga packages that fix one security issue, multiple bugs, and addtwo enhancements are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as hav ...

References

CWE-255https://bugzilla.redhat.com/show_bug.cgi?id=607179http://rhn.redhat.com/errata/RHSA-2013-0128.htmlhttps://access.redhat.com/errata/RHSA-2013:0128https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook