Lucene search

[email protected]CVE-2007-6661

HistoryJan 04, 2008 - 11:46 a.m.

CVE-2007-6661

2008-01-0411:46:00

CWE-255

[email protected]

web.nvd.nist.gov

cve-2007-6661

2z project

unauthorized access

password change

security vulnerability

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

58.6%

JSON

2z project 0.9.6.1 allows attackers to change the password without supplying the old password.

CPENameOperatorVersion
2z_project:2z_project2z projecteq0.9.6.1

CPE	Name	Operator	Version
2z_project:2z_project	2z project	eq	0.9.6.1

References

2z-project.ru/forum/viewtopic.php?pid=8309

securityreason.com/securityalert/3514

www.securityfocus.com/archive/1/485590/100/0/threaded

www.securityfocus.com/bid/27057

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

58.6%

JSON

Related for CVE-2007-6661

prion1 cvelist1