Caldera

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-22	CVE-2020-10807	Missing Authentication for Critical Function vulnerability in Mitre Caldera auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header. network low complexity mitre CWE-306	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.