Session Cookie Hijacking Vulnerability

Session Cookie Hijacking Vulnerability

CVE-2022-2888 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.

Learn more about our Cis Benchmark Audit For Print Devices.