Sympa CVE - OpenCVE

Filtered by vendor Sympa Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-29668	3 Debian, Fedoraproject, Sympa	3 Debian Linux, Fedora, Sympa	2022-04-26	4.3 MEDIUM	3.7 LOW
Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.

Vulnerabilities (CVE)