CVE-2020-35458

Posted on by admin

CVE-2020-35458

An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser.

Source: CVE-2020-35458

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다