Lucene search

PRIOn knowledge basePRION:CVE-2007-2232

HistoryApr 25, 2007 - 3:19 p.m.

Authentication flaw

2007-04-2515:19:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.045 Low

EPSS

Percentile

92.3%

JSON

The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requirements via CR (\r) sequences in the cosign cookie parameter.

CPENameOperatorVersion
cosigneq0.9.0
cosigneq1.6
cosigneq0.8.0
cosigneq1.0
cosigneq1.5
cosigneq1.8
cosigneq1.1
cosigneq1.8.5
cosigneq0.7.0
cosigneq2.0.1

Name	Operator	Version
cosign	eq	0.9.0
cosign	eq	1.6
cosign	eq	0.8.0
cosign	eq	1.0
cosign	eq	1.5
cosign	eq	1.8
cosign	eq	1.1
cosign	eq	1.8.5
cosign	eq	0.7.0
cosign	eq	2.0.1

Rows per page:

1-10 of 121

References

secunia.com/advisories/24845

www.securityfocus.com/archive/1/465386/100/100/threaded

www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt

www.vupen.com/english/advisories/2007/1359

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.045 Low

EPSS

Percentile

92.3%

JSON

Related for PRION:CVE-2007-2232

cve1