CVE-2021-3113 – Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session …

17 January 2021

Vuln ID: CVE-2021-3113

Published: 2021-01-17 03:15:15Z

Description: Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies via a direct /session/list/allActiveSession request. For example, the attacker can discover the admin’s cookie if the admin account happens to be logged in when the allActiveSession request occurs, and can then use that cookie immediately for admin access,

Source: NVD.NIST.GOV

Date:

17 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Communication is Key – Leveraging Business Frameworks to Develop a Detection and Response Strategy 23 April 2024
Russian group exploits Windows print spooler bug via ‘GooseEgg’ malware23 April 2024
UnitedHealth admits IT security breach could ‘cover substantial proportion of people in America’23 April 2024
New Bitsight, Moody’s service seeks to bolster cyber risk management23 April 2024
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)23 April 2024