If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: @huntrdev
Published: 2022-09-21T11:25:08
Updated: 2024-08-03T00:52:59.606Z
Reserved: 2022-08-18T00:00:00
Link: CVE-2022-2888
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-09-21T12:15:09.923
Modified: 2022-09-22T15:40:24.917
Link: CVE-2022-2888
Redhat
No data.