Lucene search

[email protected]CVE-2005-1716

HistoryMay 24, 2005 - 4:00 a.m.

CVE-2005-1716

2005-05-2404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

topo

2.2

2.2.178

data directory

access control

vulnerability

remote attackers

sensitive information

client ip addresses

cve-2005-1716

nvd

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

61.8%

JSON

TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses.

CPENameOperatorVersion
ej3:topoej3 topoeq2.2
ej3:topoej3 topoeq2.2.178

CPE	Name	Operator	Version
ej3:topo	ej3 topo	eq	2.2
ej3:topo	ej3 topo	eq	2.2.178

References

lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html

secunia.com/advisories/15325

securitytracker.com/id?1014016

www.osvdb.org/16700

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

61.8%

JSON

Related for CVE-2005-1716

cvelist1