Lucene search

[email protected]CVE-2008-3268

HistoryJul 24, 2008 - 3:41 p.m.

CVE-2008-3268

2008-07-2415:41:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-3268

phpscheduleit

vulnerability

remote attackers

bypass restrictions

gain privileges

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when useLogonName is enabled, allows remote attackers with administrator email address knowledge to bypass restrictions and gain privileges via unspecified vectors related to login names. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

brickhostphpscheduleitMatch1.2.0

brickhostphpscheduleitMatch1.2.0beta

brickhostphpscheduleitMatch1.2.0rc1

brickhostphpscheduleitMatch1.2.1

brickhostphpscheduleitMatch1.2.2

brickhostphpscheduleitMatch1.2.3

brickhostphpscheduleitMatch1.2.4

brickhostphpscheduleitMatch1.2.5

brickhostphpscheduleitMatch1.2.6

brickhostphpscheduleitMatch1.2.7

brickhostphpscheduleitMatch1.2.9

CPENameOperatorVersion
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.0
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.1
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.2
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.3
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.4
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.5
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.6
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.7
brickhost:phpscheduleitbrickhost phpscheduleiteq1.2.9

CPE	Name	Operator	Version
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.0
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.1
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.2
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.3
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.4
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.5
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.6
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.7
brickhost:phpscheduleit	brickhost phpscheduleit	eq	1.2.9

References

secunia.com/advisories/31147

sourceforge.net/project/shownotes.php?release_id=614202

www.securityfocus.com/bid/30300

exchange.xforce.ibmcloud.com/vulnerabilities/43900

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for CVE-2008-3268

prion1 cvelist1 nvd1