Back to bug 1299615
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Martin Prpič | 2016-01-18 18:48:38 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-18 18:48:38 UTC | Doc Type | --- | Bug Fix |
| Martin Prpič | 2016-01-18 18:57:46 UTC | Blocks | 1299618 | |
| Martin Prpič | 2016-01-18 19:02:13 UTC | CC | omular | |
| Martin Prpič | 2016-01-18 19:05:41 UTC | Summary | EMBARGOED CVE-2016-0721 pcsd: cookies are not invalidated upon logout | EMBARGOED CVE-2016-0721 pcs: cookies are not invalidated upon logout |
| Ján Rusnačko | 2016-01-19 07:24:09 UTC | CC | jrusnack | |
| Martin Prpič | 2016-01-19 09:32:52 UTC | Whiteboard | impact=moderate,public=no,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=affected,rhel-7/pcs=affected,fedora-all/pcs=affected | impact=moderate,public=no,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=affected,fedora-all/pcs=affected |
| Martin Prpič | 2016-02-16 08:52:32 UTC | Whiteboard | impact=moderate,public=no,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=affected,fedora-all/pcs=affected | impact=moderate,public=20160216,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=affected,fedora-all/pcs=affected |
| Martin Prpič | 2016-02-16 08:52:57 UTC | Summary | EMBARGOED CVE-2016-0721 pcs: cookies are not invalidated upon logout | CVE-2016-0721 pcs: cookies are not invalidated upon logout |
| Martin Prpič | 2016-02-16 08:53:00 UTC | Group | security, qe_staff | |
| Martin Prpič | 2016-02-16 08:53:45 UTC | Depends On | 1308827 | |
| Martin Prpič | 2016-04-27 08:42:49 UTC | Depends On | 1330884 | |
| Martin Prpič | 2016-05-05 08:29:39 UTC | Whiteboard | impact=moderate,public=20160216,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=affected,fedora-all/pcs=affected | impact=moderate,public=20160216,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=defer,fedora-all/pcs=affected |
| Huzaifa S. Sidhpurwala | 2016-08-23 06:39:26 UTC | Blocks | 1323912 | |
| Martin Prpič | 2016-10-03 07:46:58 UTC | Doc Text | It was found that pcsd did not invalidate cookies on the server side when a user logged out. This could potentially allow an attacker to perform session fixation attacks on pcsd. | |
| Tomas Hoger | 2016-10-26 21:29:25 UTC | Whiteboard | impact=moderate,public=20160216,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=defer,fedora-all/pcs=affected | impact=moderate,public=20160216,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=affected,fedora-all/pcs=affected |
| Huzaifa S. Sidhpurwala | 2016-11-06 04:27:43 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-06 00:27:43 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=moderate,public=20160216,reported=20160105,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-613->CWE-384,rhel-6/pcs=wontfix,rhel-7/pcs=affected,fedora-all/pcs=affected |
Back to bug 1299615