Lucene search

[email protected]CVE-2007-5943

HistoryNov 14, 2007 - 1:46 a.m.

CVE-2007-5943

2007-11-1401:46:00

CWE-16

[email protected]

web.nvd.nist.gov

cve

smf

1.1.4

unauthorized access

message

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.3%

JSON

Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a message in private forums by using the advanced search module with the “show results as messages” option, then searching for possible keywords contained in that message.

Affected configurations

NVD

Node

simple_machinessimple_machines_forumMatch1.1.4

CPENameOperatorVersion
simple_machines:simple_machines_forumsimple machines simple machines forumeq1.1.4

CPE	Name	Operator	Version
simple_machines:simple_machines_forum	simple machines simple machines forum	eq	1.1.4

References

www.securityfocus.com/archive/1/483437/100/0/threaded

www.securityfocus.com/bid/26508

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for CVE-2007-5943

prion1 cvelist1 nvd1