Credentials Management Errors
CVE-2013-3502
Summary
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.
- LOW
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published