CVE-2020-24719 – Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication b …

12 November 2020

Vuln ID: CVE-2020-24719

Published: 2020-11-12 21:15:10Z

Description: Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie to attach to an Erlang node and run OS level commands on the system running the Erlang node. Affects version: 6.5.1. Fix version: 6.6.0.

Source: NVD.NIST.GOV

Date:

12 November 2020

Categorie(s):

NVD

Tag(s):

NVD

Fortinet named a Challenger in the 2024 Gartner® Magic Quadrant™ for Security Service Edge20 April 2024
AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now20 April 2024
Phishing Scams in the Gaming Community20 April 2024
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks20 April 2024
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack20 April 2024