Lucene search
MitreCVE-2007-6383HistoryDec 15, 2007 - 2:46 a.m.
CVE-2007-6383
2007-12-1502:46:00
CWE-264
mitre
web.nvd.nist.gov
21
cve-2007-6383
chandler server
cosmo
dav component
resource creation permissions
nvd
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.002
Percentile
55.7%
The DAV component in Chandler Server (Cosmo) before 0.10.1 does not check resource creation permissions, which allows remote authenticated users to create arbitrary resources in another user’s home collection.
Affected configurations
Node
chandler_projectchandler_serverRange≤0.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| chandler_project | chandler_server | * | cpe:2.3:a:chandler_project:chandler_server:*:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2007-12-15 02:46:00
cvelist
cvelist
CVE-2007-6383
2007-12-15 02:00:00
nvd
nvd
CVE-2007-6383
2007-12-15 02:46:00
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.002
Percentile
55.7%
Related for CVE-2007-6383