Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: TML
Published: 2024-02-16T04:06:17.797Z
Updated: 2024-08-02T08:28:21.849Z
Reserved: 2023-11-30T22:06:55.677Z
Link: CVE-2023-6451
Vulnrichment
Updated: 2024-08-02T08:28:21.849Z
NVD
Status : Awaiting Analysis
Published: 2024-02-16T04:15:08.090
Modified: 2024-02-16T13:37:51.433
Link: CVE-2023-6451
Redhat
No data.