Lucene search

[email protected]CVE-2004-0522

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0522

2004-08-0604:00:00

[email protected]

web.nvd.nist.gov

cve-2004-0522

gallery

authentication bypass

administrator privileges

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.

Affected configurations

NVD

Node

gallery_projectgalleryMatch1.4

gallery_projectgalleryMatch1.4.1

gallery_projectgalleryMatch1.4.2

gallery_projectgalleryMatch1.4.3_pl1

gallery_projectgalleryMatch1.4_pl1

gallery_projectgalleryMatch1.4_pl2

Node

debiandebian_linuxMatch3.0

debiandebian_linuxMatch3.0alpha

debiandebian_linuxMatch3.0arm

debiandebian_linuxMatch3.0hppa

debiandebian_linuxMatch3.0ia-32

debiandebian_linuxMatch3.0ia-64

debiandebian_linuxMatch3.0m68k

debiandebian_linuxMatch3.0mips

debiandebian_linuxMatch3.0mipsel

debiandebian_linuxMatch3.0ppc

debiandebian_linuxMatch3.0s-390

debiandebian_linuxMatch3.0sparc

CPENameOperatorVersion
gallery_project:gallerygallery project galleryeq1.4
gallery_project:gallerygallery project galleryeq1.4.1
gallery_project:gallerygallery project galleryeq1.4.2
gallery_project:gallerygallery project galleryeq1.4.3_pl1
gallery_project:gallerygallery project galleryeq1.4_pl1
gallery_project:gallerygallery project galleryeq1.4_pl2

CPE	Name	Operator	Version
gallery_project:gallery	gallery project gallery	eq	1.4
gallery_project:gallery	gallery project gallery	eq	1.4.1
gallery_project:gallery	gallery project gallery	eq	1.4.2
gallery_project:gallery	gallery project gallery	eq	1.4.3_pl1
gallery_project:gallery	gallery project gallery	eq	1.4_pl1
gallery_project:gallery	gallery project gallery	eq	1.4_pl2