
We found results for “”
CVE-2022-24950
Date: August 15, 2022
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId().
Language: C++
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-362CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |