The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-10-26T16:15:17.707Z

Updated: 2024-08-02T19:30:24.286Z

Reserved: 2023-10-25T15:23:55.536Z

Link: CVE-2023-42769

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-10-26T17:15:08.950

Modified: 2024-11-21T08:23:07.470

Link: CVE-2023-42769

cve-icon Redhat

No data.