Lucene search
HistoryOct 31, 2014 - 2:55 p.m.
CVE-2014-7986
cve-2014-7986
espocrm
security vulnerability
re-installation vulnerability
nvd
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.013 Low
EPSS
Percentile
85.6%
install/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via a 1 value in the installProcess parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| espocrm:espocrm | espocrm | le | 2.5.2 |
Related
prion
prion
Code injection
2014-10-31 14:55:00
cvelist
cvelist
CVE-2014-7986
2014-10-31 14:00:00
packetstorm
packetstorm
EspoCRM 2.5.2 XSS / LFI / Access Control
2014-10-29 00:00:00
htbridge
htbridge
Multiple vulnerabilities in EspoCRM
2014-10-08 00:00:00
openvas
openvas
EspoCRM '/install/index.php' Multiple Vulnerabilities
2014-10-30 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in EspoCRM
2014-11-03 00:00:00
zdt
zdt
EspoCRM 2.5.2 XSS / LFI / Access Control Vulnerabilities
2014-10-30 00:00:00
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.013 Low
EPSS
Percentile
85.6%
Related for CVE-2014-7986