Lucene search

[email protected]CVE-2005-0285

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0285

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0285

webseries payment application

nvd

security

privileged operations

remote access

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON

Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs.

CPENameOperatorVersion
bottomline:webseries_payment_applicationbottomline webseries payment applicationeq4.0

CPE	Name	Operator	Version
bottomline:webseries_payment_application	bottomline webseries payment application	eq	4.0

References

marc.info/?l=bugtraq&m=110547396124885&w=2

secunia.com/advisories/13821

securitytracker.com/id?1012854

www.securityfocus.com/bid/12216

exchange.xforce.ibmcloud.com/vulnerabilities/18848

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON