Lucene search

[email protected]CVE-2007-1156

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2007-1156

2007-03-0221:18:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

jbrowser

remote attackers

bypass authentication

administrative capabilities

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

JBrowser allows remote attackers to bypass authentication and access certain administrative capabilities via a direct request for _admin/.

CPENameOperatorVersion
man_machine_systems:jbrowserman machine systems jbrowsereq*

CPE	Name	Operator	Version
man_machine_systems:jbrowser	man machine systems jbrowser	eq	*

References

forums.avenir-geopolitique.net/viewtopic.php?t=2693

osvdb.org/33141

securityreason.com/securityalert/2370

securitytracker.com/id?1008909

www.securityfocus.com/archive/1/460923/100/0/threaded

www.securityfocus.com/archive/1/461298/100/100/threaded

www.securityfocus.com/bid/9537

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2007-1156

prion1 nessus1 securityvulns1