CVE-2018-17107

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-17107
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17107.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-17107
Aliases
Published
2018-09-24T22:29:01Z
Modified
2024-06-06T12:12:41.045633Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.

References

Affected packages

Git / github.com/tgstation/tgstation-server

Affected ranges

Type
GIT
Repo
https://github.com/tgstation/tgstation-server
Events

Affected versions

tgstation-server-v3.*

tgstation-server-v3.2.1.0
tgstation-server-v3.2.1.1
tgstation-server-v3.2.1.10
tgstation-server-v3.2.1.11
tgstation-server-v3.2.1.12
tgstation-server-v3.2.1.13
tgstation-server-v3.2.1.14
tgstation-server-v3.2.1.15
tgstation-server-v3.2.1.2
tgstation-server-v3.2.1.3
tgstation-server-v3.2.1.4
tgstation-server-v3.2.1.5
tgstation-server-v3.2.1.6
tgstation-server-v3.2.1.7
tgstation-server-v3.2.1.8
tgstation-server-v3.2.1.9
tgstation-server-v3.2.2.0
tgstation-server-v3.2.2.1
tgstation-server-v3.2.2.2
tgstation-server-v3.2.2.3
tgstation-server-v3.2.2.4
tgstation-server-v3.2.3.0
tgstation-server-v3.2.3.2
tgstation-server-v3.2.3.3
tgstation-server-v3.2.3.4
tgstation-server-v3.2.3.5
tgstation-server-v3.2.3.6
tgstation-server-v3.2.3.7
tgstation-server-v3.2.3.8
tgstation-server-v3.2.4.0