CVE-2018-17107
First published: Mon Sep 24 2018(Updated: )
In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tgstation 13 | >=3.2.1.0<3.2.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-17107?
The severity of CVE-2018-17107 is critical, with a CVSS score of 9.8.
What is the affected software for CVE-2018-17107?
The affected software for CVE-2018-17107 is Tgstation tgstation-server versions 3.2.4.0 through 3.2.1.0.
How can active logins be cached in tgstation-server?
Active logins can be cached in tgstation-server versions 3.2.4.0 through 3.2.1.0, allowing subsequent logins to succeed with any username or password.
What is the fix for CVE-2018-17107?
The fix for CVE-2018-17107 is available in Tgstation tgstation-server version 3.2.5.0.
Where can I find more information about CVE-2018-17107?
More information about CVE-2018-17107 can be found at the following reference: https://github.com/tgstation/tgstation-server/issues/690
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/tgstation13
- canonical/tgstation 13
- version/tgstation 13/3.2.1.0