Lucene search

[email protected]CVE-2008-7196

HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-7196

2022-10-0316:13:53

[email protected]

web.nvd.nist.gov

vulnerability

metashell

cve-2008-7196

nvd

security flaw

path execution

untrusted search path

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON

Unspecified vulnerability in metashell before 0.03 has unknown impact and attack vectors related to a “PATH execution security flaw,” possibly an untrusted search path vulnerability.

Affected configurations

NVD

Node

mark_reinsfeldermetashellRange≤0.02b

mark_reinsfeldermetashellMatch0.01b

CPENameOperatorVersion
mark_reinsfelder:metashellmark reinsfelder metashellle0.02b
mark_reinsfelder:metashellmark reinsfelder metashelleq0.01b

CPE	Name	Operator	Version
mark_reinsfelder:metashell	mark reinsfelder metashell	le	0.02b
mark_reinsfelder:metashell	mark reinsfelder metashell	eq	0.01b

References

archives.neohapsis.com/archives/apps/freshmeat/2008-01/0032.html

osvdb.org/40573

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2008-7196

nvd1 prion1 cvelist1