Lucene search

[email protected]CVE-2007-5432

HistoryOct 12, 2007 - 11:17 p.m.

CVE-2007-5432

2007-10-1223:17:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2007-5432

stride 1.0

default credentials

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.3%

JSON

Stride 1.0 has a default administrator username of “scott” with the password “running”, which allows remote attackers to obtain administrative access through login.php.

Affected configurations

NVD

Node

scottmanktelowstride_cmsMatch1.0

CPENameOperatorVersion
scottmanktelow:stride_cmsscottmanktelow stride cmseq1.0

CPE	Name	Operator	Version
scottmanktelow:stride_cms	scottmanktelow stride cms	eq	1.0

References

osvdb.org/43485

securityreason.com/securityalert/3216

securityvulns.ru/Sdocument4.html

www.securityfocus.com/archive/1/482006/100/0/threaded

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.3%

JSON

Related for CVE-2007-5432

prion1 nvd1 cvelist1