CVE-2019-14826

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14826 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-17 16:15

Updated : 2024-02-04 20:20


NVD link : CVE-2019-14826

Mitre link : CVE-2019-14826

CVE.ORG link : CVE-2019-14826


JSON object : View

Products Affected

freeipa

  • freeipa

redhat

  • enterprise_linux
CWE
CWE-613

Insufficient Session Expiration