HIGH🇵🇱 Wersja polska

CVE-2018-16153

CVSS 7.5v3.1pub. 2023-12-12upd. 2025-05-27

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Apereo Opencast

    APP
    Apereo
    4.0 – 10.6 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-43821CRITICAL9.9ten sam produkt

Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 1...

CVE-2021-43807HIGH7.5ten sam produkt

Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast versions prior to 9.10 a...

CVE-2021-32623HIGH8.1ten sam produkt

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast...

CVE-2020-5206HIGH8.7ten sam produkt

In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to as...

CVE-2020-5228HIGH7.6ten sam produkt

Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH...