Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-09-15T17:00:00Z

Updated: 2024-08-06T20:05:12.551Z

Reserved: 2012-06-14T00:00:00Z

Link: CVE-2012-3458

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-09-15T17:55:07.147

Modified: 2024-11-21T01:40:55.107

Link: CVE-2012-3458

cve-icon Redhat

Severity : Moderate

Publid Date: 2012-08-13T00:00:00Z

Links: CVE-2012-3458 - Bugzilla