CVE-2020-10807
Published
CVSS v3
5.3
MEDIUM
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header.
auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header.
GitHub