Lucene search
HistoryJan 05, 2009 - 4:30 p.m.
CVE-2008-5840
php icalendar
authentication bypass
remote attack
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.4%
PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.
Affected configurations
Node
phpicalendarphpicalendarRange≤2.24
ORphpicalendarphpicalendarMatch0.7
ORphpicalendarphpicalendarMatch0.8
ORphpicalendarphpicalendarMatch0.9
ORphpicalendarphpicalendarMatch0.9.5
ORphpicalendarphpicalendarMatch1.0
ORphpicalendarphpicalendarMatch1.1
ORphpicalendarphpicalendarMatch2.0beta
ORphpicalendarphpicalendarMatch2.0.1
ORphpicalendarphpicalendarMatch2.0c
ORphpicalendarphpicalendarMatch2.1
ORphpicalendarphpicalendarMatch2.2
ORphpicalendarphpicalendarMatch2.21
ORphpicalendarphpicalendarMatch2.22
ORphpicalendarphpicalendarMatch2.23
ORphpicalendarphpicalendarMatch2.23rc1
ORphpicalendarphpicalendar2.0Matchalpha_test
Related
prion
prion
Authentication flaw
2009-01-05 16:30:00
nvd
nvd
CVE-2008-5840
2009-01-05 16:30:04
cvelist
cvelist
CVE-2008-5840
2009-01-05 16:00:00
seebug
seebug
PHP iCalendar Cookie处理绕过认证漏洞
2009-01-06 00:00:00
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.4%
Related for CVE-2008-5840