Lucene search

K
cve[email protected]CVE-2008-6109
HistoryFeb 11, 2009 - 12:30 a.m.

CVE-2008-6109

2009-02-1100:30:00
CWE-264
web.nvd.nist.gov
21
cve-2008-6109
asm
privilege enforcement
local users
access restrictions
bug
nvd

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening unspecified screens, related to the “double click selector bug”; or modifying a (2) animal, (3) owner, (4) lost/found, (5) diary note, (6) owner donation, or (7) waiting list record, related to “change permissions” and the “new UI.”

Affected configurations

NVD
Node
shelter_manageranimal_shelter_managerRange2.2.1
OR
shelter_manageranimal_shelter_managerMatch1.1
OR
shelter_manageranimal_shelter_managerMatch1.3
OR
shelter_manageranimal_shelter_managerMatch1.11
OR
shelter_manageranimal_shelter_managerMatch1.12
OR
shelter_manageranimal_shelter_managerMatch1.20
OR
shelter_manageranimal_shelter_managerMatch1.22
OR
shelter_manageranimal_shelter_managerMatch1.30
OR
shelter_manageranimal_shelter_managerMatch1.30.1
OR
shelter_manageranimal_shelter_managerMatch1.30.2
OR
shelter_manageranimal_shelter_managerMatch1.30_beta
OR
shelter_manageranimal_shelter_managerMatch1.31
OR
shelter_manageranimal_shelter_managerMatch1.32
OR
shelter_manageranimal_shelter_managerMatch1.33
OR
shelter_manageranimal_shelter_managerMatch1.34
OR
shelter_manageranimal_shelter_managerMatch1.35
OR
shelter_manageranimal_shelter_managerMatch1.36
OR
shelter_manageranimal_shelter_managerMatch1.37
OR
shelter_manageranimal_shelter_managerMatch1.38
OR
shelter_manageranimal_shelter_managerMatch1.39
OR
shelter_manageranimal_shelter_managerMatch1.40
OR
shelter_manageranimal_shelter_managerMatch2.0.1
OR
shelter_manageranimal_shelter_managerMatch2.0.2
OR
shelter_manageranimal_shelter_managerMatch2.0.6
OR
shelter_manageranimal_shelter_managerMatch2.0.8
OR
shelter_manageranimal_shelter_managerMatch2.0.14
OR
shelter_manageranimal_shelter_managerMatch2.0.15
OR
shelter_manageranimal_shelter_managerMatch2.0.16
OR
shelter_manageranimal_shelter_managerMatch2.0.17
OR
shelter_manageranimal_shelter_managerMatch2.0.18
OR
shelter_manageranimal_shelter_managerMatch2.0.21
OR
shelter_manageranimal_shelter_managerMatch2.0.22
OR
shelter_manageranimal_shelter_managerMatch2.1.0
OR
shelter_manageranimal_shelter_managerMatch2.1.1
OR
shelter_manageranimal_shelter_managerMatch2.2.0

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

Related for CVE-2008-6109