Lucene search

[email protected]CVE-2008-7012

HistoryAug 19, 2009 - 10:30 a.m.

CVE-2008-7012

2009-08-1910:30:00

[email protected]

web.nvd.nist.gov

accellion

fta

cve-2008-7012

security vulnerability

email spam

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:C/A:N

7 High

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.3%

JSON

courier/1000@/api_error_email.html (aka “error reporting page”) in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters.

Affected configurations

NVD

Node

accellionsecure_file_transfer_applianceRange≤7_0_178

accellionsecure_file_transfer_applianceMatch7_0_135

CPENameOperatorVersion
accellion:secure_file_transfer_applianceaccellion secure file transfer appliancele7_0_178
accellion:secure_file_transfer_applianceaccellion secure file transfer applianceeq7_0_135

CPE	Name	Operator	Version
accellion:secure_file_transfer_appliance	accellion secure file transfer appliance	le	7_0_178
accellion:secure_file_transfer_appliance	accellion secure file transfer appliance	eq	7_0_135

References

osvdb.org/48242

secunia.com/advisories/31848

www.securityfocus.com/bid/31178

www.securitytracker.com/id?1020870

zebux.free.fr/pub/Advisory/Advisory_Accellion_SPAM_Engine_Vulnerability_200808.txt

exchange.xforce.ibmcloud.com/vulnerabilities/45159

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:C/A:N

7 High

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.3%

JSON

Related for CVE-2008-7012

prion1 cvelist1 nvd1