Podatność CVE-2018-16153


Publikacja: 2023-12-12   Modyfikacja: 2023-12-14

Opis:
An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations.

Typ:

CWE-522

(Insufficiently Protected Credentials)

Affected software
Apereo -> Opencast 

 Referencje:
https://www.apereo.org/projects/opencast/news
https://github.com/advisories/GHSA-hcxx-mp6g-6gr9
https://github.com/opencast/opencast/commit/776d5588f39c61eb04c03bb955416c4f77629d51
https://docs.opencast.org/r/10.x/admin/#changelog

Copyright 2024, cxsecurity.com

 

Back to Top