A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14826 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2019-09-17T15:09:31
Updated: 2019-09-17T15:09:31
Reserved: 2019-08-10T00:00:00
Link: CVE-2019-14826
JSON object: View
NVD Information
Status : Modified
Published: 2019-09-17T16:15:10.917
Modified: 2019-10-09T23:46:48.017
Link: CVE-2019-14826
JSON object: View
Redhat Information
No data.
CWE