Lucene search
HistoryAug 25, 2009 - 10:30 a.m.
CVE-2008-7069
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.009
Percentile
82.5%
All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.
Affected configurations
Node
paul_arbogastaccmsRange≤0.0.2
ORpaul_arbogastaccmsMatch0.0.1a
ORpaul_arbogastaccmsMatch0.0.1c
ORpaul_arbogastaccmsMatch0.0.1d
ORpaul_arbogastaccmsMatch0.0.1e
ORpaul_arbogastaccmsMatch0.0.1f
ORpaul_arbogastaccmsMatch0.0.1g
ORpaul_arbogastaccmsMatch0.0.1h
| Vendor | Product | Version | CPE |
|---|---|---|---|
| paul_arbogast | accms | * | cpe:2.3:a:paul_arbogast:accms:*:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1a | cpe:2.3:a:paul_arbogast:accms:0.0.1a:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1c | cpe:2.3:a:paul_arbogast:accms:0.0.1c:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1d | cpe:2.3:a:paul_arbogast:accms:0.0.1d:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1e | cpe:2.3:a:paul_arbogast:accms:0.0.1e:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1f | cpe:2.3:a:paul_arbogast:accms:0.0.1f:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1g | cpe:2.3:a:paul_arbogast:accms:0.0.1g:*:*:*:*:*:*:* |
| paul_arbogast | accms | 0.0.1h | cpe:2.3:a:paul_arbogast:accms:0.0.1h:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-7069
2009-08-25 10:00:00
exploitdb
exploitdb
All Club CMS 0.0.2 - Remote Database Configuration Retrieve
2008-11-28 00:00:00
cve
cve
CVE-2008-7069
2009-08-25 10:30:00
prion
prion
Improper access control
2009-08-25 10:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.009
Percentile
82.5%
Related for NVD:CVE-2008-7069