Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-19	CVE-2017-14143	Use of Hard-coded Credentials vulnerability in Kaltura Server The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP code via a crafted userzone cookie. network low complexity kaltura CWE-798 critical	9.8