An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2023-05-09T00:00:00

Updated: 2024-08-02T12:30:24.188Z

Reserved: 2023-03-10T00:00:00

Link: CVE-2023-28126

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-05-09T22:15:09.813

Modified: 2024-11-21T07:54:27.410

Link: CVE-2023-28126

cve-icon Redhat

No data.