Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7347 for the incorrect enforcement of a user timeout.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat Conga 信任管理问题漏洞
Vulnerability Description
Red Hat Conga是美国红帽(Red Hat)公司的一套基于Web的集群管理工具。 Red Hat Conga的Luci组件存在信任管理问题漏洞,该漏洞源于__ac会话cookie中的Base64编码字符串存储用户名和密码。远程攻击者可通过访问cookie利用该漏洞获取特权。
CVSS Information
N/A
Vulnerability Type
N/A