Lucene search

[email protected]CVE-2007-2638

HistoryMay 13, 2007 - 11:19 p.m.

CVE-2007-2638

2007-05-1323:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

efilecabinet

authentication bypass

vulnerability

security

nvd

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures.

CPENameOperatorVersion
efilecabinet:efilecabinetefilecabinetle3.3

CPE	Name	Operator	Version
efilecabinet:efilecabinet	efilecabinet	le	3.3

References

osvdb.org/34774

securityreason.com/securityalert/2696

www.securityfocus.com/archive/1/468314/100/0/threaded

www.securityfocus.com/bid/23944

exchange.xforce.ibmcloud.com/vulnerabilities/34251

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

Related for CVE-2007-2638

prion1