Security Bulletins and Advisories / Insufficient Session ID Entropy

by Baker Hamilton, on May 14, 2018 2:29:15 PM

Reported Date January 8, 2018 Vendor SolarWinds Version Affected Serv-U Summary SolarWinds Serv-U MFT assigns authenticated users a low-entropy session token that can be included in requests to …

Read Details
Vulnerabilities:Insufficient Session ID Entropy

Vulnerability Disclosure Policy

Bishop Fox takes security issues very seriously. We believe in coordinated disclosure, and we work closely with vendors and clients to patch vulnerabilities promptly. More on our Disclosure Policy →

Subscribe to Updates