Lucene search

[email protected]CVE-2002-2163

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2163

2022-10-0316:23:50

[email protected]

web.nvd.nist.gov

kvpoll

remote authentication

voting

security vulnerability

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.1%

JSON

KvPoll 1.1 allows remote authenticated users to vote more than once by setting the “already_voted” cookie by various methods, including a direct call to clear_cookies.php.

Affected configurations

NVD

Node

killervaultkvpollMatch1.1

CPENameOperatorVersion
killervault:kvpollkillervault kvpolleq1.1

CPE	Name	Operator	Version
killervault:kvpoll	killervault kvpoll	eq	1.1

References

www.ifrance.com/kitetoua/tuto/5holes5.txt

www.securityfocus.com/bid/4736

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.1%

JSON

Related for CVE-2002-2163

cvelist1 nvd1