1Panel is an open source Linux server operation and maintenance management panel. The password verification in the source code uses the != symbol instead hmac.Equal. This may lead to a timing attack vulnerability. This vulnerability is fixed in 1.10.3-lts.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-04-18T14:56:56.270Z
Updated: 2024-06-04T17:38:59.303Z
Reserved: 2024-03-26T12:52:00.934Z
Link: CVE-2024-30257
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-04-18T15:15:30.043
Modified: 2024-04-18T18:25:55.267
Link: CVE-2024-30257
JSON object: View
Redhat Information
No data.
CWE