CVE-2022-41542 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-41542

CWE

https://cwe.mitre.org/data/definitions/613.html

devhub 0.102.0 was discovered to contain a broken session control.

Weakness

According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”

Affected Software

Name	Vendor	Start Version	End Version
Devhub	Devhubapp	0.102.0 (including)	0.102.0 (including)

Potential Mitigations

References

http://devhub.com
https://app.devhubapp.com/
https://devhubapp.com/
https://medium.com/%40sc0p3hacker/cve-2022-41542-session-mis-configuration-in-devhub-application-ca956bb9027a