Old session tokens can be used to authenticate to the application and send authenticated requests.
References
Link | Resource |
---|---|
https://github.com/heroiclabs/nakama/commit/ce8d3921e2acd44ef8b5e6edfe595b6df067b166 | Patch Third Party Advisory |
https://huntr.dev/bounties/35acf263-6db4-4310-ab27-4c3c3a53f796 | Exploit Issue Tracking Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntrdev
Published: 2022-07-05T08:30:11
Updated: 2022-07-05T08:30:11
Reserved: 2022-07-04T00:00:00
Link: CVE-2022-2306
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-05T09:15:08.357
Modified: 2022-07-14T21:58:28.557
Link: CVE-2022-2306
JSON object: View
Redhat Information
No data.
CWE