What is CVE-2015-8368?

CVE-2015-8368 is a vulnerability in Ntop Ntopng, classified under CWE-254. Published 2015-12-17.

Is CVE-2015-8368 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ntop Ntopng

CVE-2015-8368

ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.

EPSS: 0.030 (86.8th percentile) — read the EPSS interpretation.

Affected products

Ntop Ntopng
N/a — versions n/a

Weakness classification (CWE)

CWE-254

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

cve@mitre.org (Exploit, x_refsource_MISC)
20151209 ntop-ng <= 2.0.151021 - Privilege Escalation (mailing-list, Exploit, x_refsource_FULLDISC)
38836 (Exploit, exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2015-8368?: CVE-2015-8368 is a vulnerability in Ntop Ntopng, classified under CWE-254. Published 2015-12-17.
Is CVE-2015-8368 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.