Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2012-09-15T17:00:00Z
Updated: 2012-09-15T17:00:00Z
Reserved: 2012-06-14T00:00:00Z
Link: CVE-2012-3458
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-09-15T17:55:07.147
Modified: 2012-09-17T17:43:18.843
Link: CVE-2012-3458
JSON object: View
Redhat Information
No data.
CWE