Lucene search

PRIOn knowledge basePRION:CVE-2006-0370

HistoryJan 22, 2006 - 8:03 p.m.

Improper access control

2006-01-2220:03:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.014 Low

EPSS

Percentile

86.2%

JSON

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes.

CPENameOperatorVersion
rcblogeq1.03

CPE	Name	Operator	Version
	rcblog	eq	1.03

References

evuln.com/vulns/42/summary.html

secunia.com/advisories/18547

securitytracker.com/id?1015523

www.fluffington.com/index.php?page=rcblog

www.osvdb.org/22679

www.securityfocus.com/archive/1/422499/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/24249

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.014 Low

EPSS

Percentile

86.2%

JSON

Related for PRION:CVE-2006-0370