Lucene search
HistoryFeb 22, 2006 - 2:02 a.m.
CVE-2006-0843
information security
leif m. wright's blog 3.5
access control
cve-2006-0843
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.5%
Leif M. Wright’s Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator’s password.
Affected configurations
Node
leif_m._wrightweb_blogMatch3.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| leif_m._wright:web_blog | leif m. wright web blog | eq | 3.5 |
Related
nvd
nvd
CVE-2006-0843
2006-02-22 02:02:00
prion
prion
Improper access control
2006-02-22 02:02:00
cvelist
cvelist
CVE-2006-0843
2006-02-22 02:00:00
securityvulns
securityvulns
[eVuln] Leif M. Wright's Blog Multiple Vulnerabilities
2006-03-01 00:00:00
packetstorm
packetstorm
EV0082.txt
2006-03-03 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.5%
Related for CVE-2006-0843