Insecure Session Encryption in Beaker
CVE-2012-3458 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.