Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-6071
HistoryDec 02, 2006 - 2:28 a.m.

CVE-2006-6071

2006-12-0202:28:00
[email protected]
web.nvd.nist.gov
24
cve
2006
6071
twiki
apachelogin
vulnerability
security
remote attack

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and “ErrorDocument 401” redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.

Affected configurations

NVD
Node
twikitwikiRange4.0.5
CPENameOperatorVersion
twiki:twikitwikile4.0.5

Related

ubuntucve 1
seebug 1
cvelist 1
nvd 1
ubuntucve
ubuntucve
CVE-2006-6071
2006-12-02 00:00:00
seebug
seebug
TWiki失败登录信息泄露漏洞
2006-12-05 00:00:00
cvelist
cvelist
CVE-2006-6071
2006-12-02 02:00:00
nvd
nvd
CVE-2006-6071
2006-12-02 02:28:00

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON
Related for CVE-2006-6071
ubuntucve1seebug1cvelist1nvd1