Vulnerabilities > Ucdok > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-16 | CVE-2013-7379 | Improper Authentication vulnerability in Ucdok Tomato 0.0.5 The admin API in the tomato module before 0.0.6 for Node.js does not properly check the access key when it is set to a string, which allows remote attackers to bypass authentication via a string in the access-key header that partially matches config.master.api.access_key. | 6.8 |