Lucene search
GoogleOSV:CVE-2016-6190HistoryFeb 17, 2017 - 5:59 p.m.
CVE-2016-6190
2017-02-1717:59:00
Google
osv.dev
5
SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the “View the Date & Time” restriction, as demonstrated by correlating UIDs and DTSTAMPs between all users.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sogo | eq | SOGo-3.0.2 | |
| sogo | eq | SOGo-2.3.5 | |
| sogo | eq | SOGo-2.3.8 | |
| sogo | eq | SOGo-2.0.0 | |
| sogo | eq | SOGo-3.0.0b2 | |
| sogo | eq | SOGo-3.0.0b3 | |
| sogo | eq | SOGo-3.0.0 | |
| sogo | eq | SOGo-2.3.10 | |
| sogo | eq | SOGo-2.3.2 | |
| sogo | eq | SOGo-3.0.1 |
Related
cvelist
cvelist
CVE-2016-6190
2017-02-17 17:00:00
debiancve
debiancve
CVE-2016-6190
2017-02-17 17:59:00
ubuntucve
ubuntucve
CVE-2016-6190
2017-02-17 00:00:00
nvd
nvd
CVE-2016-6190
2017-02-17 17:59:00
prion
prion
Code injection
2017-02-17 17:59:00
cve
cve
CVE-2016-6190
2017-02-17 17:59:00
openvas
openvas
SOGo < 2.3.12, 3.x < 3.1.1 Multiple Vulnerabilities
2019-03-11 00:00:00