An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2023-05-09T00:00:00
Updated: 2023-05-09T00:00:00
Reserved: 2023-03-10T00:00:00
Link: CVE-2023-28126
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-09T22:15:09.813
Modified: 2023-05-16T18:24:30.067
Link: CVE-2023-28126
JSON object: View
Redhat Information
No data.