PRIOn knowledge basePRION:CVE-2008-4032Authorization
7.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.818 High
EPSS
Percentile
98.3%
Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and “create scripts that would run in the context of the site” via requests to administrative URIs, aka “Access Control Vulnerability.”
References
secunia.com/advisories/33063
www.securitytracker.com/id?1021367
www.us-cert.gov/cas/techalerts/TA08-344A.html
www.vupen.com/english/advisories/2008/3389
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-077
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5774
Related
7.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.818 High
EPSS
Percentile
98.3%