CVE-2018-8096
N/A
N/A
Summary
Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admin access) via '"Name":"isauthenticationenabled","Value":false' in an api/settings/setting-isauthenticationenabled PUT request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/datalust/seq-tickets/issues/675
- https://medium.com/stolabs/bypass-admin-authentication-on-seq-17f0f9e02732
- https://www.exploit-db.com/exploits/45136/
References
- https://github.com/datalust/seq-tickets/issues/675
- https://medium.com/stolabs/bypass-admin-authentication-on-seq-17f0f9e02732
- https://www.exploit-db.com/exploits/45136/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.