A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
References
Link | Resource |
---|---|
https://www.graylog.org/post/announcing-graylog-v4-1-2 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-31T17:35:10
Updated: 2021-07-31T17:35:10
Reserved: 2021-07-31T00:00:00
Link: CVE-2021-37759
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-31T18:15:07.837
Modified: 2021-08-10T14:01:25.023
Link: CVE-2021-37759
JSON object: View
Redhat Information
No data.
CWE