Lucene search

[email protected]NVD:CVE-2010-5292

HistoryJan 10, 2014 - 4:47 p.m.

CVE-2010-5292

2014-01-1016:47:05

CWE-200

[email protected]

web.nvd.nist.gov

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the include/cron/services_usage.php cron job.

Affected configurations

NVD

Node

amberdmsamberdms_billing_systemRange≤1.4.0

amberdmsamberdms_billing_systemMatch1.0.0

amberdmsamberdms_billing_systemMatch1.1.0

amberdmsamberdms_billing_systemMatch1.2.0

amberdmsamberdms_billing_systemMatch1.3.0

References

projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES

raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2010-5292

cvelist1 cve1 prion1