CVE-2018-1340 is a vulnerability in Apache Guacamole
Published on February 7, 2019
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain.
Products Associated with CVE-2018-1340
Want to know whenever a new CVE is published for Apache Guacamole? stack.watch will email you.
Affected Versions
Apache Software Foundation Apache Guacamole Version Apache Guacamole 0.9.4 to 0.9.14 is affected by CVE-2018-1340Exploit Probability
EPSS
0.63%
Percentile
69.98%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.