PT-2019-17849 · Overit · Geocall
Claudio Cinquino
·
Published
2019-04-01
·
Updated
2022-10-14
·
CVE-2019-5891
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OverIT Geocall versions prior to 6.3 build 2:346977
Description
An issue allows an unauthenticated attacker to obtain a cookie of an authenticated user and login to the web application through an unauthenticated servlet.
Recommendations
For versions prior to 6.3 build 2:346977, update to a version that includes build 2:346977 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Geocall