Skip to main content
CVE-2013-7347 LOW Monitor

Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. Rated low severity (CVSS 3.7). No vendor patch available.

Red Hat Privilege Escalation Conga Enterprise Linux
NVD VulDB
CVSS 2.0
3.7
EPSS
0.1%
CVE-2012-3359 LOW Monitor

Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. Rated low severity (CVSS 3.7). No vendor patch available.

Red Hat Authentication Bypass Conga Enterprise Linux
NVD VulDB
CVSS 2.0
3.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy