Coral Server Session Authentication Vulnerability Allowing Agent Impersonation

Vulnerability

In Coral Server prior to version 1.1.0, authentication between agents and the server during active sessions was weak. An attacker who obtained or predicted a session identifier could exploit this flaw to impersonate an agent or join an existing session.

Impact

Exploitation of this vulnerability could lead to unauthorized impersonation of agents or interference with active sessions.

Remediation

Users can upgrade to Coral Server version 1.1.0 or later to address this vulnerability. The update introduces per-agent session secrets that are required for communication between agents and the server, enhancing authentication security.
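
The difference between session-identifier-only checks and per-agent session secrets, as an added Python example (not Coral Server's code; the class, method and agent names are hypothetical, and the weak check is a model of the flaw as described above, assuming the server trusted the session identifier alone):

```python
import hmac
import secrets


class SessionRegistry:
    """Toy session store; names and structure are hypothetical, not Coral Server's."""

    def __init__(self):
        self._sessions = {}  # session_id -> {agent_id: per-agent secret}

    def create_session(self):
        session_id = secrets.token_urlsafe(16)
        self._sessions[session_id] = {}
        return session_id

    def register_agent(self, session_id, agent_id):
        """Issue a fresh per-agent secret, returned once to the registering agent."""
        agents = self._sessions[session_id]
        if agent_id in agents:
            raise ValueError("agent already registered in this session")
        secret = secrets.token_urlsafe(32)
        agents[agent_id] = secret
        return secret

    def check_weak(self, session_id, agent_id):
        """Model of the flaw: knowing the session id is enough to act as any agent."""
        return session_id in self._sessions

    def check_with_secret(self, session_id, agent_id, presented):
        """Model of the fix: the caller must also present that agent's own secret."""
        expected = self._sessions.get(session_id, {}).get(agent_id)
        if expected is None or not isinstance(presented, str):
            return False
        # Constant-time comparison avoids leaking the secret through timing.
        return hmac.compare_digest(expected.encode(), presented.encode())


def demo():
    reg = SessionRegistry()
    sid = reg.create_session()
    planner_secret = reg.register_agent(sid, "planner")
    worker_secret = reg.register_agent(sid, "worker")
    return {
        "weak_accepts_known_sid": reg.check_weak(sid, "planner"),
        "no_secret": reg.check_with_secret(sid, "planner", ""),
        "other_agents_secret": reg.check_with_secret(sid, "planner", worker_secret),
        "own_secret": reg.check_with_secret(sid, "planner", planner_secret),
        "unknown_session": reg.check_with_secret("guessed", "planner", planner_secret),
    }
```

With per-agent secrets, a leaked session identifier, or even another agent's secret from the same session, is not sufficient to act as a given agent.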

Added: Mar 10, 2026, 6:46 PM
Updated: Mar 10, 2026, 6:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 6.4
remediation: 0.0
relevance: 3.7
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.