mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
15 lines
1022 B
JSON
15 lines
1022 B
JSON
{
|
|
"id": "CVE-2020-1703",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2020-06-03T14:15:12.780",
|
|
"lastModified": "2020-06-03T14:15:12.780",
|
|
"vulnStatus": "Rejected",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Red Hat Product Security does not consider this as a security flaw. Password changes aren't expected to invalidate existing sessions. Though this is how Kerberos behaves: incrementing kvno will not invalidate any existing service tickets. This is not a concern because the lifetime on service tickets should be set appropriately (initially only a global, now also more finely configurable with the kdcpolicy plugin). This belief is reinforced by our use of mod_session: existing sessions there aren't terminated, but instead wait for expiration."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": []
|
|
} |