ID CVE-2008-6375Type cveReporter cve@mitre.orgModified 2017-08-17T01:29:00
Description
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb.
{"id": "CVE-2008-6375", "bulletinFamily": "NVD", "title": "CVE-2008-6375", "description": "JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb.", "published": "2009-03-02T19:30:00", "modified": "2017-08-17T01:29:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6375", "reporter": "cve@mitre.org", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/47034", "http://packetstormsecurity.org/0812-exploits/jbook-disclosesql.txt"], "cvelist": ["CVE-2008-6375"], "type": "cve", "lastseen": "2019-05-29T18:09:30", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "0022b4ed08ea44e0cdd6cca59c118fad"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "2378c2d820a5756364f455f9a7134e03"}, {"key": "cpe23", "hash": "2736be9464880acc4c3757fc5957a6b4"}, {"key": "cvelist", "hash": "75750a284b2ef9a23f3d3bb3bddf369e"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "f30109dfdbfbf783c0b61792a6b2c20a"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "fa12e087f68642fcaefafba0d4583885"}, {"key": "description", "hash": "85c3b66b5174d5e9113351f7e5cd249d"}, {"key": "href", "hash": "fbae8506e57e240e24e577ba5c1c405f"}, {"key": "modified", "hash": "042be6a55c0100aa7f711b7156c9abb7"}, {"key": "published", "hash": "56da5a3c31935ff4ea6194d6a5819953"}, {"key": "references", "hash": "b1e08ad1319f6d4d06e8bf45450a2cb8"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "55cb4d9662486a673e9a348ea45ec1fd"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "b3ed6aa662641ee8f0dd2e347ae26145a8c89c80fea3ee84450453d14baca42f", "viewCount": 0, "enchantments": {"score": {"value": 5.1, "vector": "NONE", "modified": "2019-05-29T18:09:30"}, "dependencies": {"references": [], "modified": "2019-05-29T18:09:30"}, "vulnersScore": 5.1}, "objectVersion": "1.3", "cpe": ["cpe:/a:nexusjnr:jbook:-"], "affectedSoftware": [{"name": "nexusjnr jbook", "operator": "eq", "version": "-"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:nexusjnr:jbook:-:*:*:*:*:*:*:*"], "cwe": ["CWE-264"]}
{}
