Security Advisory

CVE-2021-38618

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-04 17:23:49

Last updated 2025-05-30 16:01:43

Assigner mitre

State PUBLISHED

Description

In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a users credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.

← Browse all CVEs View on cve.org ↗