CRITICAL🇵🇱 Wersja polska

CVE-2018-17107

CVSS 9.8v3.0pub. 2018-09-24upd. 2024-11-21

In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Tgstation13 Tgstation Server

    APP
    Tgstation13
    3.2.1.0 – 3.2.5.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-21611HIGH8.8ten sam produkt

tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to author...

CVE-2024-41799HIGH8.4ten sam produkt

tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users ...

CVE-2023-32687HIGH7.7ten sam produkt

tgstation-server is a toolset to manage production BYOND servers. Starting in version 4.7.0 and prior to 5.12....

CVE-2020-16136HIGH7.7ten sam produkt

In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any f...

CVE-2023-34243MEDIUM5.8ten sam produkt

TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was register...