Lucene search
MitreCVE-2008-1627HistoryApr 02, 2008 - 5:44 p.m.
CVE-2008-1627
2008-04-0217:44:00
CWE-264
mitre
web.nvd.nist.gov
24
cds invenio
email notification
remote authentication
security vulnerability
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
71.8%
CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts of arbitrary users via a modified internal UID.
Affected configurations
Node
cds_software_consortiuminvenioRange≤0.92.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cds_software_consortium | invenio | * | cpe:2.3:a:cds_software_consortium:invenio:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-1627
2008-04-02 17:44:00
cvelist
cvelist
CVE-2008-1627
2008-04-02 17:00:00
prion
prion
Code injection
2008-04-02 17:44:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
71.8%
Related for CVE-2008-1627