CVE-2018-13390
Description
Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users roles.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.107
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-13390 are fixed in Python-cloudtoken 0.1.24 | Windows |
| Vulnerabilities CVE-2018-13390 are fixed in Python-cloudtoken for linux 0.1.24 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234