Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-08-29T21:21:51

Updated: 2024-08-05T09:54:03.506Z

Reserved: 2018-08-17T00:00:00

Link: CVE-2018-15513

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-08-30T09:15:16.443

Modified: 2024-11-21T03:50:58.923

Link: CVE-2018-15513

cve-icon Redhat

No data.