Lucene search
MitreCVELIST:CVE-2020-29668HistoryDec 10, 2020 - 7:53 a.m.
CVE-2020-29668
2020-12-1007:53:33
mitre
www.cve.org
7
sympa
api
vulnerability
unauthorized access
Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=976020
github.com/sympa-community/sympa/blob/6.2.59b.2/NEWS.md
github.com/sympa-community/sympa/issues/1041
github.com/sympa-community/sympa/pull/1044
lists.debian.org/debian-lts-announce/2020/12/msg00026.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFZWDEKQFW3EH665OECDWIWM2MI7T53Y/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JICIHAJKKCZXJNIICUDYXGZFQCN6J4U6/
www.debian.org/security/2020/dsa-4818
Related
veracode
veracode
Authorization Bypass
2020-12-11 08:05:57
debian
debian
[SECURITY] [DLA 2499-1] sympa security update
2020-12-17 14:07:03
[SECURITY] [DSA 4818-1] sympa security update
2020-12-23 21:53:10
[SECURITY] [DSA 4818-1] sympa security update
2020-12-23 21:53:10
freebsd
freebsd
sympa -- Unauthorised full access via SOAP API due to illegal cookie
2020-11-24 00:00:00
osv
osv
sympa - security update
2020-12-17 00:00:00
CVE-2020-29668
2020-12-10 08:15:11
sympa - security update
2020-12-23 00:00:00
prion
prion
Code injection
2020-12-10 08:15:00
nessus
nessus
Fedora 32 : sympa (2021-a5570c5281)
2021-01-13 00:00:00
FreeBSD : sympa -- Unauthorised full access via SOAP API due to illegal cookie (0add6e6b-6883-11eb-b0cb-f8b156c2bfe9)
2021-05-03 00:00:00
Debian DLA-2499-1 : sympa security update
2020-12-18 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2499-1)
2020-12-18 00:00:00
Fedora: Security Advisory for sympa (FEDORA-2021-11cb6626e2)
2021-01-13 00:00:00
Sympa < 6.2.60 SOAP API Vulnerability
2020-12-15 00:00:00
ubuntucve
ubuntucve
CVE-2020-29668
2020-12-10 00:00:00
debiancve
debiancve
CVE-2020-29668
2020-12-10 08:15:11
fedora
fedora
[SECURITY] Fedora 33 Update: sympa-6.2.60-1.fc33
2021-01-13 01:59:49
[SECURITY] Fedora 32 Update: sympa-6.2.60-1.fc32
2021-01-13 01:36:03
cve
cve
CVE-2020-29668
2020-12-10 08:15:11
nvd
nvd
CVE-2020-29668
2020-12-10 08:15:11