High severity7.4NVD Advisory· Published Oct 4, 2021· Updated Jun 17, 2026
CVE-2021-38618
CVE-2021-38618
Description
In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- GFOS/Workforce Managementdescription
- Range: = 4.8.272.1
- Range: = 4.8.272.1
- Range: = 4.8.272.1
Patches
Vulnerability mechanics
References
2- excellium-services.com/cert-xlm-advisory/cve-2021-38618/nvdThird Party Advisory
- cds.thalesgroup.com/en/tcs-cert/CVE-2021-38618nvd
News mentions
0No linked articles in our index yet.