Security Advisory

CVE-2019-10136

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-02 19:29:42

Last updated 2024-08-04 22:10:09

Assigner redhat

State PUBLISHED

Description

It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum.

← Browse all CVEs View on cve.org ↗