Lucene search
@huntrdevCVE-2023-4005HistoryJul 31, 2023 - 1:15 a.m.
CVE-2023-4005
2023-07-3101:15:09
CWE-613
@huntrdev
web.nvd.nist.gov
90
cve-2023-4005
session expiration
github
repository
fossbilling
security
vulnerability
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.002
Percentile
56.7%
Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5.
Affected configurations
Node
fossbillingfossbillingRange<0.5.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fossbilling | fossbilling | * | cpe:2.3:a:fossbilling:fossbilling:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "fossbilling",
"product": "fossbilling/fossbilling",
"versions": [
{
"version": "unspecified",
"lessThan": "0.5.5",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-4005
2023-07-31 01:15:09
huntr
huntr
Session is still valid after changing password
2023-07-11 08:38:59
osv
osv
CVE-2023-4005
2023-07-31 01:15:09
prion
prion
Session fixation
2023-07-31 01:15:00
cvelist
cvelist
CVE-2023-4005 Insufficient Session Expiration in fossbilling/fossbilling
2023-07-31 00:00:19
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.002
Percentile
56.7%
Related for CVE-2023-4005