Lucene search

[email protected]CVE-2002-1112

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1112

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

mantis

bug listing

unauthenticated access

cookie modification

security vulnerability

cve-2002-1112

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.7%

JSON

Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the “View Bugs” page.

CPENameOperatorVersion
mantis:mantismantiseq0.15.12
mantis:mantismantiseq0.15.3
mantis:mantismantiseq0.15.9
mantis:mantismantiseq0.17.0
mantis:mantismantiseq0.15.10
mantis:mantismantiseq0.16.1
mantis:mantismantiseq0.15.4
mantis:mantismantiseq0.15.11
mantis:mantismantiseq0.17.2
mantis:mantismantiseq0.15.7

CPE	Name	Operator	Version
mantis:mantis	mantis	eq	0.15.12
mantis:mantis	mantis	eq	0.15.3
mantis:mantis	mantis	eq	0.15.9
mantis:mantis	mantis	eq	0.17.0
mantis:mantis	mantis	eq	0.15.10
mantis:mantis	mantis	eq	0.16.1
mantis:mantis	mantis	eq	0.15.4
mantis:mantis	mantis	eq	0.15.11
mantis:mantis	mantis	eq	0.17.2
mantis:mantis	mantis	eq	0.15.7

Rows per page:

1-10 of 161

References

mantisbt.sourceforge.net/advisories/2002/2002-03.txt

marc.info/?l=bugtraq&m=102978673018271&w=2

www.debian.org/security/2002/dsa-153

www.securityfocus.com/bid/5514

exchange.xforce.ibmcloud.com/vulnerabilities/9899

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for CVE-2002-1112

osv1 openvas2 nessus2