High severityNVD Advisory· Published Mar 10, 2022· Updated Aug 3, 2024
CVE-2022-25510
CVE-2022-25510
Description
FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
FreeTAKServerPyPI | < 1.9.8.5 | 1.9.8.5 |
Affected products
2- FreeTAKServer/FreeTAKServerdescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-f897-875p-23x7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-25510ghsaADVISORY
- github.com/FreeTAKTeam/FreeTakServer/issues/292ghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/freetakserver/PYSEC-2022-43135.yamlghsaWEB
News mentions
0No linked articles in our index yet.