Lucene search
JpcertCVE-2015-2958HistoryJun 13, 2015 - 3:59 p.m.
CVE-2015-2958
2015-06-1315:59:04
CWE-264
jpcert
web.nvd.nist.gov
29
cve-2015-2958
igreks milkystep
light 0.94
professional 1.82
access restrictions
modify settings
remote attackers
vulnerability
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.005
Percentile
76.9%
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and modify settings via unspecified vectors, a different vulnerability than CVE-2015-2952 and CVE-2015-2953.
Affected configurations
Node
igreksmilkystep_lightRange≤0.94
ORigreksmilkystep_professionalRange≤1.82
ORigreksmilkystep_professional_oemRange≤1.82
| Vendor | Product | Version | CPE |
|---|---|---|---|
| igreks | milkystep_light | * | cpe:2.3:a:igreks:milkystep_light:*:*:*:*:*:*:*:* |
| igreks | milkystep_professional | * | cpe:2.3:a:igreks:milkystep_professional:*:*:*:*:*:*:*:* |
| igreks | milkystep_professional_oem | * | cpe:2.3:a:igreks:milkystep_professional_oem:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
nvd
nvd
cve
cve
CVE-2015-2953
2015-06-13 15:59:03
CVE-2015-2952
2015-06-13 15:59:02
prion
prion
Design/Logic Flaw
2015-06-13 15:59:00
Design/Logic Flaw
2015-06-13 15:59:00
Design/Logic Flaw
2015-06-13 15:59:00
jvn
jvn
JVN#74280258: MilkyStep fails to restrict access permissions
2015-06-09 00:00:00
JVN#16409640: MilkyStep fails to restrict access permissions
2015-06-09 00:00:00
JVN#19732015: MilkyStep fails to restrict access permissions
2015-06-12 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.005
Percentile
76.9%
Related for CVE-2015-2958