Lucene search
HistoryOct 22, 2014 - 2:55 p.m.
CVE-2014-6387
cve-2014-6387
gpc_api.php
mantisbt
authentication bypass
nvd
5.3 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.4%
gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.
Related
fedora
fedora
[SECURITY] Fedora 21 Update: mantis-1.2.17-3.fc21
2014-10-12 05:06:38
[SECURITY] Fedora 20 Update: mantis-1.2.17-3.fc20
2014-10-12 05:01:05
[SECURITY] Fedora 20 Update: mantis-1.2.17-4.fc20
2014-12-12 04:30:46
prion
prion
Authentication flaw
2014-10-22 14:55:00
nessus
nessus
Fedora 20 : mantis-1.2.17-3.fc20 (2014-12146)
2014-10-12 00:00:00
Fedora 19 : mantis-1.2.17-3.fc19 (2014-12165)
2014-10-12 00:00:00
Fedora 21 : mantis-1.2.17-3.fc21 (2014-12184)
2014-10-12 00:00:00
ubuntucve
ubuntucve
CVE-2014-6387
2014-10-22 00:00:00
openvas
openvas
Fedora Update for mantis FEDORA-2014-12146
2014-10-13 00:00:00
Fedora Update for mantis FEDORA-2014-12165
2014-10-13 00:00:00
Fedora Update for mantis FEDORA-2014-15108
2014-12-12 00:00:00
archlinux
archlinux
mantisbt: multiple issues
2014-12-08 00:00:00
osv
osv
mantis - security update
2015-01-06 00:00:00
5.3 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.4%
Related for CVE-2014-6387