CVE-2020-11729
on gitlab
Published
Severity
CVSS v3:
9.8 CRITICAL
CVSS v2:
7.5 HIGH
Description
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:davical:andrew\'s_web_libraries:*:*:*:*:*:*:*:* | n/a | 0.60 (including) | * |
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | n/a | n/a | 9.0 |
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | n/a | n/a | 10.0 |