Lucene search
HistoryDec 17, 2014 - 7:59 p.m.
CVE-2014-9388
cve-2014-9388
bug_report.php
mantisbt
remote attackers
arbitrary issues
handler_id parameter
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.2%
bug_report.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handler_id parameter.
Affected configurations
Node
mantisbtmantisbtRange≤1.2.17
| CPE | Name | Operator | Version |
|---|---|---|---|
| mantisbt:mantisbt | mantisbt | le | 1.2.17 |
Related
cvelist
cvelist
CVE-2014-9388
2014-12-17 19:00:00
ubuntucve
ubuntucve
CVE-2014-9388
2014-12-17 00:00:00
prion
prion
Code injection
2014-12-17 19:59:00
nvd
nvd
CVE-2014-9388
2014-12-17 19:59:08
openvas
openvas
MantisBT <= 1.2.17 Multiple Vulnerabilities
2014-11-25 00:00:00
Debian Security Advisory DSA 3120-1 (mantis - security update)
2015-01-06 00:00:00
Debian: Security Advisory (DSA-3120-1)
2015-01-05 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3120-1] mantis security update
2015-01-19 00:00:00
debian
debian
[SECURITY] [DSA 3120-1] mantis security update
2015-01-06 20:35:26
nessus
nessus
Debian DSA-3120-1 : mantis - security update
2015-01-08 00:00:00
osv
osv
mantis - security update
2015-01-06 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.2%
Related for CVE-2014-9388