Skip to main content

Credentials Management Errors

CVE-2013-3502

Severity Medium
Score 6.5/10

Summary

monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.

  • LOW
  • NETWORK
  • SINGLE
  • PARTIAL
  • PARTIAL
  • PARTIAL

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

  • Published