Security Advisory

CVE-2021-3311

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-05 04:47:53

Last updated 2024-08-03 16:53:17

Assigner mitre

State PUBLISHED

Description

An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an attacker.

← Browse all CVEs View on cve.org ↗