Lucene search

[email protected]NVD:CVE-2008-0556

HistoryFeb 19, 2008 - 12:00 a.m.

CVE-2008-0556

2008-02-1900:00:00

CWE-264

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer.

Affected configurations

Nvd

Node

opencaopenca_pkiRange≤0.9.2.5

VendorProductVersionCPE
opencaopenca_pki*cpe:2.3:a:openca:openca_pki:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openca	openca_pki	*	cpe:2.3:a:openca:openca_pki::::::::

References

lists.grok.org.uk/pipermail/full-disclosure/2008-February/060300.html

secunia.com/advisories/28951

securitytracker.com/id?1019426

www.kb.cert.org/vuls/id/264385

www.vupen.com/english/advisories/2008/0588

exchange.xforce.ibmcloud.com/vulnerabilities/40476

www.cynops.de/advisories/CVE-2008-0556.txt

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

Related for NVD:CVE-2008-0556

cert1 cvelist1 cve1 prion1