Security Advisory

CVE-2022-24950

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-08-16 00:00:00

Last updated 2024-08-03 04:29:01

Assigner facebook

State PUBLISHED

Description

A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId().

← Browse all CVEs View on cve.org ↗