Lucene search

[email protected]CVE-2008-5783

HistoryDec 31, 2008 - 11:30 a.m.

CVE-2008-5783

2008-12-3111:30:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2008-5783

v3 chat live support

authentication bypass

remote attackers

administrative access

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.

Affected configurations

NVD

Node

v3chatv3_chat_live_supportMatch3.0.4

CPENameOperatorVersion
v3chat:v3_chat_live_supportv3chat v3 chat live supporteq3.0.4

CPE	Name	Operator	Version
v3chat:v3_chat_live_support	v3chat v3 chat live support	eq	3.0.4

References

secunia.com/advisories/32603

securityreason.com/securityalert/4843

www.securityfocus.com/bid/32216

www.vupen.com/english/advisories/2008/3066

exchange.xforce.ibmcloud.com/vulnerabilities/46481

www.exploit-db.com/exploits/7069

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2008-5783

nvd1 prion1 cvelist1