Lucene search

[email protected]CVE-2008-3717

HistoryAug 19, 2008 - 7:41 p.m.

CVE-2008-3717

2008-08-1919:41:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-3717

harmoni

information security

asset ids

remote attackers

vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.8%

JSON

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.

Affected configurations

NVD

Node

harmoniharmoniRange≤1.4.7

harmoniharmoniMatch0.0.2

harmoniharmoniMatch0.0.3

harmoniharmoniMatch0.0.4

harmoniharmoniMatch0.0.5

harmoniharmoniMatch0.1.0

harmoniharmoniMatch0.2.0

harmoniharmoniMatch0.3.0

harmoniharmoniMatch0.3.1

harmoniharmoniMatch0.3.2

harmoniharmoniMatch0.5.1

harmoniharmoniMatch0.6.0

harmoniharmoniMatch0.6.2

harmoniharmoniMatch0.7.0

harmoniharmoniMatch0.7.1

harmoniharmoniMatch0.7.2

harmoniharmoniMatch0.7.6

harmoniharmoniMatch0.7.7

harmoniharmoniMatch0.9.0

harmoniharmoniMatch0.10.1

harmoniharmoniMatch0.11.0

harmoniharmoniMatch0.12.0

harmoniharmoniMatch0.12.1

harmoniharmoniMatch0.12.3

harmoniharmoniMatch0.13.0

harmoniharmoniMatch0.13.1

harmoniharmoniMatch0.13.2

harmoniharmoniMatch0.13.3

harmoniharmoniMatch0.13.4

harmoniharmoniMatch0.13.5

harmoniharmoniMatch0.13.6

harmoniharmoniMatch0.13.7

harmoniharmoniMatch1.0.0

harmoniharmoniMatch1.0.1

harmoniharmoniMatch1.0.2

harmoniharmoniMatch1.0.3

harmoniharmoniMatch1.0.5

harmoniharmoniMatch1.0.6

harmoniharmoniMatch1.1.0

harmoniharmoniMatch1.3.0

harmoniharmoniMatch1.3.2

harmoniharmoniMatch1.3.4

harmoniharmoniMatch1.3.5

harmoniharmoniMatch1.4.2

harmoniharmoniMatch1.4.6

CPENameOperatorVersion
harmoni:harmoniharmonile1.4.7
harmoni:harmoniharmonieq0.0.2
harmoni:harmoniharmonieq0.0.3
harmoni:harmoniharmonieq0.0.4
harmoni:harmoniharmonieq0.0.5
harmoni:harmoniharmonieq0.1.0
harmoni:harmoniharmonieq0.2.0
harmoni:harmoniharmonieq0.3.0
harmoni:harmoniharmonieq0.3.1
harmoni:harmoniharmonieq0.3.2

CPE	Name	Operator	Version
harmoni:harmoni	harmoni	le	1.4.7
harmoni:harmoni	harmoni	eq	0.0.2
harmoni:harmoni	harmoni	eq	0.0.3
harmoni:harmoni	harmoni	eq	0.0.4
harmoni:harmoni	harmoni	eq	0.0.5
harmoni:harmoni	harmoni	eq	0.1.0
harmoni:harmoni	harmoni	eq	0.2.0
harmoni:harmoni	harmoni	eq	0.3.0
harmoni:harmoni	harmoni	eq	0.3.1
harmoni:harmoni	harmoni	eq	0.3.2

Rows per page:

1-10 of 451

References

secunia.com/advisories/31503

sourceforge.net/project/shownotes.php?release_id=619864

sourceforge.net/tracker/index.php?func=detail&aid=2040324&group_id=82171&atid=1098812

www.securityfocus.com/bid/30706

exchange.xforce.ibmcloud.com/vulnerabilities/44485

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.8%

JSON

Related for CVE-2008-3717

cvelist1 nvd1 prion1