Japan Vulnerability NotesJVN:63511247JVN#63511247 Access Analyzer CGI Professional Version vulnerability allows third party to gain administrative privileges
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.8%
Access Analyzer CGI provided by futomi’s CGI Cafe is a software to analyze web access logs. Access Analyzer CGI Professional Version contains a vulnerability that allows an attacker to gain administrative privileges.
Impact
A remote attacker could impersonate an administrator of Access Analyzer CGI Professional Version
Solution
Update the Software
Update to the latest version according to the information provided by the vendor.
Workarounds
As a workaround to this vulnerability, change the settings in the server where the software is installed and disable access to the administrator menu until the software is updated.
Products Affected
- Access Analyzer CGI Professional Version Ver 4.11.5 and earlier
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.8%