CVE Vulnerabilities

CVE-2015-8368

Published: Dec 17, 2015 | Modified: Dec 18, 2015
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.

Affected Software

Name Vendor Start Version End Version
Ntopng Ntop * 2.0.151021 (including)
Ntopng Ubuntu upstream *
Ntopng Ubuntu vivid *
Ntopng Ubuntu wily *

References