CVE-2015-2204

🗓️ 01 Feb 2018 17:01:29Reported by [email protected]Type

Evergreen versions before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to bypass access restrictions and obtain sensitive information by exploiting a failure to enforce view permission

Reporter	Title	Published	Views	Family All 3
CVE	CVE-2015-2204	1 Feb 201817:29	–	cve
Cvelist	CVE-2015-2204	1 Feb 201817:00	–	cvelist
Prion	Design/Logic Flaw	1 Feb 201817:29	–	prion

Nvd

Node

evergreen-ils evergreenRange<2.5.9

evergreen-ils evergreenRange2.6.0–2.6.7

evergreen-ils evergreenRange2.7.0–2.7.4

Source	Link
evergreen-ils	www.evergreen-ils.org/downloads/ChangeLog-2.6.6-2.6.7
evergreen-ils	www.evergreen-ils.org/downloads/ChangeLog-2.5.8-2.5.9
evergreen-ils	www.evergreen-ils.org/downloads/ChangeLog-2.7.3-2.7.4
git	www.git.evergreen-ils.org/
evergreen-ils	www.evergreen-ils.org/security-releases-evergreen-2-7-4-2-6-7-and-2-5-9/
securityfocus	www.securityfocus.com/bid/72889
bugs	www.bugs.launchpad.net/evergreen/+bug/1424755
openwall	www.openwall.com/lists/oss-security/2015/03/04/3

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Feb 2018 17:29Current

7.5High risk

Vulners AI Score7.5

CVSS25

CVSS37.5

EPSS0.0042

CWE-200