Lucene search
HistoryDec 17, 2015 - 7:59 p.m.
CVE-2015-8368
ntopng
ntop
cve-2015-8368
security vulnerability
privilege escalation
user authentication
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.041 Low
EPSS
Percentile
92.2%
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
Affected configurations
Node
ntopntopngRange≤2.0.151021
| CPE | Name | Operator | Version |
|---|---|---|---|
| ntop:ntopng | ntop ntopng | le | 2.0.151021 |
Related
exploitpack
exploitpack
ntop-ng 2.0.151021 - Privilege Escalation
2015-12-01 00:00:00
prion
prion
Code injection
2015-12-17 19:59:00
nvd
nvd
CVE-2015-8368
2015-12-17 19:59:10
debiancve
debiancve
CVE-2015-8368
2015-12-17 19:59:10
zdt
zdt
ntop-ng 2.0.151021 - Privilege Escalation Vulnerability
2015-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2015-8368
2015-12-17 00:00:00
openvas
openvas
ntopng < 2.2 Privilege Escalation Vulnerability
2016-12-20 00:00:00
cvelist
cvelist
CVE-2015-8368
2015-12-17 19:00:00
packetstorm
packetstorm
ntop-ng 2.0.15102 Privilege Escalation
2015-12-02 00:00:00
exploitdb
exploitdb
ntop-ng 2.0.151021 - Privilege Escalation
2015-12-01 00:00:00
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.041 Low
EPSS
Percentile
92.2%
Related for CVE-2015-8368