Lucene search
MitreCVE-2014-7178HistoryNov 28, 2014 - 3:59 p.m.
CVE-2014-7178
2014-11-2815:59:00
CWE-20
mitre
web.nvd.nist.gov
27
cve-2014-7178
enalean tuleap
remote code execution
user-agent header
php function
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.051
Percentile
93.0%
Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
Affected configurations
Node
enaleantuleapRange≤7.5.99.5
Related
seebug
seebug
Enalean Tuleap 7.4.99.5 - Remote Command Execution
2014-11-13 00:00:00
exploitdb
exploitdb
Enalean Tuleap 7.4.99.5 - Remote Command Execution
2014-10-28 00:00:00
prion
prion
Design/Logic Flaw
2014-11-28 15:59:00
exploitpack
exploitpack
Enalean Tuleap 7.4.99.5 - Remote Command Execution
2014-10-28 00:00:00
nvd
nvd
CVE-2014-7178
2014-11-28 15:59:00
packetstorm
packetstorm
Tuleap 7.4.99.5 Remote Command Execution
2014-10-28 00:00:00
cvelist
cvelist
CVE-2014-7178
2014-11-28 15:00:00
zdt
zdt
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.051
Percentile
93.0%
Related for CVE-2014-7178