漏洞标题
"Konga 登录 API 随机值" 翻译成中文为 "Konga 登录 API 随机值"
漏洞描述信息
Konga登录API随机值
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
N/A
漏洞标题
Konga Login API random values
漏洞描述信息
A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This affects an unknown part of the component Login API. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The associated identifier of this vulnerability is VDB-227715.
CVSS信息
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
使用不充分的随机数
漏洞标题
KONGA 安全特征问题漏洞
漏洞描述信息
KONGA是荷兰Panagis Tselentis个人开发者的一个功能齐全的开源、多用户 GUI。 KONGA 2.8.3版本存在安全特征问题漏洞,该漏洞源于随机值不够。
CVSS信息
N/A
漏洞类别
授权问题