Lucene search

[email protected]CVE-2006-1555

HistoryMar 31, 2006 - 11:06 a.m.

CVE-2006-1555

2006-03-3111:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

vsns lemon

authentication bypass

remote attackers

cve-2006-1555

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.05 Low

EPSS

Percentile

92.8%

JSON

VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic.

CPENameOperatorVersion
tachyon:vsns_lemontachyon vsns lemoneq3.2.0

CPE	Name	Operator	Version
tachyon:vsns_lemon	tachyon vsns lemon	eq	3.2.0

References

evuln.com/vulns/106/description.html

secunia.com/advisories/19420

securitytracker.com/id?1015836

www.osvdb.org/24213

www.securityfocus.com/archive/1/430345/100/0/threaded

www.securityfocus.com/bid/17396

exchange.xforce.ibmcloud.com/vulnerabilities/25459

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.05 Low

EPSS

Percentile

92.8%

JSON

Related for CVE-2006-1555

prion1 securityvulns1