CVE-2015-8466

CVE-2015-8466

EPSS 2.0%

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174374.html https://bugs.launchpad.net/swift3/+bug/1497424 https://github.com/openstack/swift3/blob/master/CHANGELOG https://swiftstack.com/docs/admin/release.html http://www.debian.org/security/2016/dsa-3583