Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenCast < 7.6.0 and 8.0.0 Multiple Vulnerabilities
Information
Severity
Severity
High
Family
Family
Web application abuses
CVSSv2 Base
CVSSv2 Base
7.5
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:S/C:C/I:P/A:N
Solution Type
Solution Type
Vendor Patch
Created
Created
4 years ago
Modified
Modified
4 years ago
Summary
OpenCast is prone to multiple vulnerabilities.
Insight
Insight
OpenCast is prone to multiple vulnerabilities: - Authentication Bypass For Endpoints With Anonymous Access (CVE-2020-5206) - Hard-Coded Key Used For Remember-me Token (CVE-2020-5222) - Unauthenticated Access Via OAI-PMH (CVE-2020-5228) - Unsafe Identifiers (CVE-2020-5230) - Users with ROLE_COURSE_ADMIN can create new users (CVE-2020-5231)
Affected Software
Affected Software
OpenCast versions prior to 7.6.0 and version 8.0.0.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 7.6.0, 8.1.0 or later.
Common Vulnerabilities and Exposures (CVE)
References
- https://github.com/opencast/opencast/security/advisories/GHSA-vmm6-w4c
- https://github.com/opencast/opencast/security/advisories/GHSA-mh8g-hpr
- https://github.com/opencast/opencast/security/advisories/GHSA-6f54-3qr
- https://github.com/opencast/opencast/security/advisories/GHSA-w29m-fjp
- https://github.com/opencast/opencast/security/advisories/GHSA-94qw-r73