Insufficient Session Expiration in fossbilling/fossbilling
CVE-2023-4005

3.8LOW

Key Information:

Vendor: Fossbilling
Status: Fossbilling/fossbilling
Vendor: CVE Published:; 31 July 2023

🔔 Create Fossbilling Vulnerability Alert

What is CVE-2023-4005?

Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5.

Affected Version(s)

fossbilling/fossbilling < 0.5.5

References

https://huntr.dev/bounties/f0aacce1-79bc-4765-95f1-7e8244...

https://github.com/fossbilling/fossbilling/commit/20c23b0...

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2023
Vulnerability Reserved
Jul 31, 2023

CVE-2023-4005 Data

.