CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1340

Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-1340

Apache » Guacamole » Version: 0.3.0

cpe:2.3:a:apache:guacamole:0.3.0
Apache » Guacamole » Version: 0.4.0

cpe:2.3:a:apache:guacamole:0.4.0
Apache » Guacamole » Version: 0.5.0

cpe:2.3:a:apache:guacamole:0.5.0
Apache » Guacamole » Version: 0.6.0

cpe:2.3:a:apache:guacamole:0.6.0
Apache » Guacamole » Version: 0.6.1

cpe:2.3:a:apache:guacamole:0.6.1
Apache » Guacamole » Version: 0.6.2

cpe:2.3:a:apache:guacamole:0.6.2
Apache » Guacamole » Version: 0.6.3

cpe:2.3:a:apache:guacamole:0.6.3
Apache » Guacamole » Version: 0.7.0

cpe:2.3:a:apache:guacamole:0.7.0
Apache » Guacamole » Version: 0.7.1

cpe:2.3:a:apache:guacamole:0.7.1
Apache » Guacamole » Version: 0.7.2

cpe:2.3:a:apache:guacamole:0.7.2
Apache » Guacamole » Version: 0.7.3

cpe:2.3:a:apache:guacamole:0.7.3
Apache » Guacamole » Version: 0.7.4

cpe:2.3:a:apache:guacamole:0.7.4
Apache » Guacamole » Version: 0.8.0

cpe:2.3:a:apache:guacamole:0.8.0
Apache » Guacamole » Version: 0.8.2

cpe:2.3:a:apache:guacamole:0.8.2
Apache » Guacamole » Version: 0.8.3

cpe:2.3:a:apache:guacamole:0.8.3
Apache » Guacamole » Version: 0.8.4

cpe:2.3:a:apache:guacamole:0.8.4
Apache » Guacamole » Version: 0.9.0

cpe:2.3:a:apache:guacamole:0.9.0
Apache » Guacamole » Version: 0.9.1

cpe:2.3:a:apache:guacamole:0.9.1
Apache » Guacamole » Version: 0.9.10

cpe:2.3:a:apache:guacamole:0.9.10
Apache » Guacamole » Version: 0.9.10-incubating

cpe:2.3:a:apache:guacamole:0.9.10-incubating
Apache » Guacamole » Version: 0.9.11

cpe:2.3:a:apache:guacamole:0.9.11
Apache » Guacamole » Version: 0.9.11-incubating

cpe:2.3:a:apache:guacamole:0.9.11-incubating
Apache » Guacamole » Version: 0.9.12

cpe:2.3:a:apache:guacamole:0.9.12
Apache » Guacamole » Version: 0.9.12-incubating

cpe:2.3:a:apache:guacamole:0.9.12-incubating
Apache » Guacamole » Version: 0.9.13

cpe:2.3:a:apache:guacamole:0.9.13
Apache » Guacamole » Version: 0.9.13-incubating

cpe:2.3:a:apache:guacamole:0.9.13-incubating
Apache » Guacamole » Version: 0.9.14

cpe:2.3:a:apache:guacamole:0.9.14
Apache » Guacamole » Version: 0.9.2

cpe:2.3:a:apache:guacamole:0.9.2
Apache » Guacamole » Version: 0.9.3

cpe:2.3:a:apache:guacamole:0.9.3
Apache » Guacamole » Version: 0.9.4

cpe:2.3:a:apache:guacamole:0.9.4
Apache » Guacamole » Version: 0.9.5

cpe:2.3:a:apache:guacamole:0.9.5
Apache » Guacamole » Version: 0.9.6

cpe:2.3:a:apache:guacamole:0.9.6
Apache » Guacamole » Version: 0.9.7

cpe:2.3:a:apache:guacamole:0.9.7
Apache » Guacamole » Version: 0.9.8

cpe:2.3:a:apache:guacamole:0.9.8
Apache » Guacamole » Version: 0.9.9

cpe:2.3:a:apache:guacamole:0.9.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1340

Products

Pricing

Contact Us