Lucene search

[email protected]CVE-2006-7152

HistoryMar 07, 2007 - 8:19 p.m.

CVE-2006-7152

2007-03-0720:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-7152

asp-nuke community

remote attackers

privilege gain

security vulnerability

7.8 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.0%

JSON

default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values.

CPENameOperatorVersion
asp-nuke:asp-nukeasp-nukeeqrc3
asp-nuke:asp-nukeasp-nukeeqrc2
asp-nuke:asp-nukeasp-nukeeq1.3
asp-nuke:asp-nukeasp-nukeeq1.0
asp-nuke:asp-nukeasp-nukeeq1.5
asp-nuke:asp-nukeasp-nukeeqrc1
asp-nuke:asp-nukeasp-nukeeq1.2

CPE	Name	Operator	Version
asp-nuke:asp-nuke	asp-nuke	eq	rc3
asp-nuke:asp-nuke	asp-nuke	eq	rc2
asp-nuke:asp-nuke	asp-nuke	eq	1.3
asp-nuke:asp-nuke	asp-nuke	eq	1.0
asp-nuke:asp-nuke	asp-nuke	eq	1.5
asp-nuke:asp-nuke	asp-nuke	eq	rc1
asp-nuke:asp-nuke	asp-nuke	eq	1.2

References

www.securityfocus.com/bid/21309

exchange.xforce.ibmcloud.com/vulnerabilities/30541

www.exploit-db.com/exploits/2849

7.8 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.0%

JSON