Lucene search

[email protected]CVE-2009-5021

HistoryDec 09, 2010 - 8:00 p.m.

CVE-2009-5021

2010-12-0920:00:01

CWE-255

[email protected]

web.nvd.nist.gov

cobbler

cve-2009-5021

default password

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.7%

JSON

Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password.

Affected configurations

NVD

Node

michael_dehaancobblerRange≤1.4.3-4

michael_dehaancobblerMatch0.1.1.7

michael_dehaancobblerMatch0.2.1

michael_dehaancobblerMatch0.2.2

michael_dehaancobblerMatch0.2.3

michael_dehaancobblerMatch0.2.5

michael_dehaancobblerMatch0.2.7

michael_dehaancobblerMatch0.2.8

michael_dehaancobblerMatch0.2.9

michael_dehaancobblerMatch0.3.0

michael_dehaancobblerMatch0.3.1

michael_dehaancobblerMatch0.3.3

michael_dehaancobblerMatch0.3.4

michael_dehaancobblerMatch0.3.5

michael_dehaancobblerMatch0.3.6

michael_dehaancobblerMatch0.3.7

michael_dehaancobblerMatch0.3.9

michael_dehaancobblerMatch0.4.0

michael_dehaancobblerMatch0.4.2

michael_dehaancobblerMatch0.4.3

michael_dehaancobblerMatch0.4.5

michael_dehaancobblerMatch0.4.6

michael_dehaancobblerMatch0.4.7

michael_dehaancobblerMatch0.4.8

michael_dehaancobblerMatch0.5.0

michael_dehaancobblerMatch0.6.0

michael_dehaancobblerMatch0.6.1

michael_dehaancobblerMatch0.6.3

michael_dehaancobblerMatch0.6.4

michael_dehaancobblerMatch0.6.5

michael_dehaancobblerMatch0.8.1

michael_dehaancobblerMatch0.8.3

michael_dehaancobblerMatch1.0.0

michael_dehaancobblerMatch1.0.2

michael_dehaancobblerMatch1.0.2-1

michael_dehaancobblerMatch1.0.3-1

michael_dehaancobblerMatch1.2.0

michael_dehaancobblerMatch1.2.2

michael_dehaancobblerMatch1.2.3

michael_dehaancobblerMatch1.2.5

michael_dehaancobblerMatch1.2.6

michael_dehaancobblerMatch1.2.7

michael_dehaancobblerMatch1.2.8

michael_dehaancobblerMatch1.2.8-1

michael_dehaancobblerMatch1.2.9

michael_dehaancobblerMatch1.2.9-1

michael_dehaancobblerMatch1.3.1

michael_dehaancobblerMatch1.3.1-1

michael_dehaancobblerMatch1.3.3

michael_dehaancobblerMatch1.3.3-1

michael_dehaancobblerMatch1.3.4

michael_dehaancobblerMatch1.3.4-1

michael_dehaancobblerMatch1.4.0

michael_dehaancobblerMatch1.4.0-2

michael_dehaancobblerMatch1.4.1

michael_dehaancobblerMatch1.4.1-1

michael_dehaancobblerMatch1.4.2

michael_dehaancobblerMatch1.4.2-1

michael_dehaancobblerMatch1.4.3

CPENameOperatorVersion
michael_dehaan:cobblermichael dehaan cobblerle1.4.3-4
michael_dehaan:cobblermichael dehaan cobblereq0.1.1.7
michael_dehaan:cobblermichael dehaan cobblereq0.2.1
michael_dehaan:cobblermichael dehaan cobblereq0.2.2
michael_dehaan:cobblermichael dehaan cobblereq0.2.3
michael_dehaan:cobblermichael dehaan cobblereq0.2.5
michael_dehaan:cobblermichael dehaan cobblereq0.2.7
michael_dehaan:cobblermichael dehaan cobblereq0.2.8
michael_dehaan:cobblermichael dehaan cobblereq0.2.9
michael_dehaan:cobblermichael dehaan cobblereq0.3.0

CPE	Name	Operator	Version
michael_dehaan:cobbler	michael dehaan cobbler	le	1.4.3-4
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.1.1.7
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.1
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.2
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.3
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.5
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.7
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.8
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.2.9
michael_dehaan:cobbler	michael dehaan cobbler	eq	0.3.0

Rows per page:

1-10 of 591

References

people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz

exchange.xforce.ibmcloud.com/vulnerabilities/64734

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.7%

JSON

Related for CVE-2009-5021

prion1 nvd1 cvelist1