CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
88.4%
KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.
Vendor | Product | Version | CPE |
---|---|---|---|
knowledgetree_document_management | knowledgetree_document_management | 3.3.3 | cpe:2.3:a:knowledgetree_document_management:knowledgetree_document_management:3.3.3:*:*:*:*:*:*:* |