How severe is CVE-2018-18326?

CVE-2018-18326 has a CVSS v3 score of 7.5 (HIGH).

CVE-2018-18326

Name: dotnetnuke
Author: dnnsoftware

7.5HIGH

DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15

Publicado: 7/3/2019Atualizado: 11/21/2024

Descrição

DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.

Análise IADesenvolvido por IA

Produtos Afetados

dnnsoftwaredotnetnuke

Descrição

Análise IADesenvolvido por IA

Produtos Afetados

Exploits Disponíveis (1)

DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)

Referências