ID | CVE-2013-4346 | ||||||
Summary | The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. | ||||||
References | |||||||
Vulnerable Configurations |
|
||||||
CVSS |
|
||||||
CWE | CWE-310 | ||||||
CAPEC |
|
||||||
Access |
|
||||||
Impact |
|
||||||
cvss-vector via4 | AV:N/AC:M/Au:N/C:N/I:P/A:N | ||||||
redhat via4 | |||||||
refmap via4 |
|
||||||
Last major update | 13-02-2023 - 00:28 | ||||||
Published | 20-05-2014 - 14:55 | ||||||
Last modified | 13-02-2023 - 00:28 |