PT-2023-15467 · Last Yard · Last Yard

L00Neyhacker

·

Publicado

2023-02-01

·

Atualizado

2023-02-08

·

CVE-2022-47715

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Last Yard version 22.09.8-1
Description The issue allows the cookie to be stolen via unencrypted traffic.
Recommendations For version 22.09.8-1, consider using encrypted traffic to protect against cookie theft until a patch is available.

Exploit

Correção

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-311

Identificadores relacionados

CVE-2022-47715

Produtos afetados

Last Yard