Pinniped Supervisor <v0.19.0 Insufficient Session Expiration via Access Token
CVE-2022-31677 Published on August 29, 2022

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor (before v0.19.0). A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow.

Github Repository NVD

Products Associated with CVE-2022-31677

Want to know whenever a new CVE is published for VMware Pinniped? stack.watch will email you.

VMware Pinniped

Exploit Probability

EPSS

0.23%

Percentile

45.32%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Pinniped Supervisor <v0.19.0 Insufficient Session Expiration via Access TokenCVE-2022-31677 Published on August 29, 2022

Products Associated with CVE-2022-31677

Exploit Probability

Pinniped Supervisor <v0.19.0 Insufficient Session Expiration via Access Token
CVE-2022-31677 Published on August 29, 2022