Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability (CVE-2018-8715)

Descripción: La versión de Appweb instalada en el host remoto es inferior a 7.0.3, por lo tanto esta versión tiene una falla lógica relacionada con la función authCondition en http / httpLib.c. Con una solicitud HTTP falsificada, es posible eludir la autenticación para los formularios de inicio de sesion.

CVE: CVE-2018-8715

Factor de Riesgo: Medio
Valor CVSS Base: 6.8

Solución:

Actualizar la version de Appweb a 7.0.3 o posterior.

Referencias:

https://www.tenable.com/plugins/nessus/118710

https://nvd.nist.gov/vuln/detail/CVE-2018-8715

Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability (CVE-2018-8715)

Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability (CVE-2018-8715)

No Comment

Leave A Comment

Microsoft DNS Server Remote Code Execution (SIGRed) (CVE-2020-1350)

Oracle Database Multiple Vulnerabilities (CPU)

MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check)

MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow DoS (913580) (uncredentialed check)

Oracle GlassFish Server Administrative Console Authentication Bypass

Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability (CVE-2018-8715)

No Comment

Leave A Comment

You may also like