View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000004||Network Wide||NihachuMC||public||2020-08-05 18:48||2020-08-05 18:49|
|Summary||0000004: Bungee-cord UUID Spoofing|
|Description||There's an issue with Spigot / Bungee-cord that allows users to spoof their UUID. Allowing people to falsify admin rights and so forth. As occurred when the server was griefed today.|
|Steps To Reproduce||1. Setup your own Bungee-cord instance|
2. Add any bungee-cord server that is hosted somewhere other than on the same machine as the bungee server is.
3. Join through your bungee server and use a plugin to modify the UUID sent to the server.
4. Voila, you now have all of that persons perms and so forth.
|Tags||No tags attached.|
|2020-08-05 18:48||RyTheFirst||New Issue|
|2020-08-05 18:48||RyTheFirst||Status||new => assigned|
|2020-08-05 18:48||RyTheFirst||Assigned To||=> RyTheFirst|
|2020-08-05 18:49||RyTheFirst||Status||assigned => resolved|
|2020-08-05 18:49||RyTheFirst||Resolution||open => fixed|
|2020-08-05 18:49||RyTheFirst||Note Added: 0000007|