Vulnerability Details CVE-2020-27739
A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-27739
-
cpe:2.3:a:citadel:webcit:-
-
cpe:2.3:a:citadel:webcit:7.10
-
cpe:2.3:a:citadel:webcit:7.86
-
cpe:2.3:a:citadel:webcit:7.87
-
cpe:2.3:a:citadel:webcit:8.01
-
cpe:2.3:a:citadel:webcit:8.02
-
cpe:2.3:a:citadel:webcit:8.03
-
cpe:2.3:a:citadel:webcit:8.05
-
cpe:2.3:a:citadel:webcit:8.06
-
cpe:2.3:a:citadel:webcit:8.12
-
cpe:2.3:a:citadel:webcit:8.13
-
cpe:2.3:a:citadel:webcit:8.14
-
cpe:2.3:a:citadel:webcit:8.16
-
cpe:2.3:a:citadel:webcit:8.20
-
cpe:2.3:a:citadel:webcit:8.22
-
cpe:2.3:a:citadel:webcit:8.23
-
cpe:2.3:a:citadel:webcit:8.24
-
cpe:2.3:a:citadel:webcit:9.01
-
cpe:2.3:a:citadel:webcit:902
-
cpe:2.3:a:citadel:webcit:926