We found results for “”
WS-2021-0420
Good to know:
Date: November 9, 2021
Users or API keys with permission to expire verification codes could have expired codes that belonged to another realm if they guessed the UUID. Fixed in 1.1.2
Language: Go
Severity Score
Severity Score
Weakness Type (CWE)
Code
CWE-17Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | LOW |
Availability (A): | NONE |