Lucene search
HistoryJun 01, 2009 - 7:30 p.m.
CVE-2009-1854
cve-2009-1854
nvd
authentication bypass
remote attackers
administrative access
cookie manipulation
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
83.1%
Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1.
Affected configurations
Node
cmsnxmillion_dollar_text_linksMatch1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| cmsnx:million_dollar_text_links | cmsnx million dollar text links | eq | 1.0 |
References
Related
prion
prion
Authentication flaw
2009-06-01 19:30:00
nvd
nvd
CVE-2009-1854
2009-06-01 19:30:00
cvelist
cvelist
CVE-2009-1854
2009-06-01 19:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
83.1%
Related for CVE-2009-1854