Lucene search

Ubuntu.comUB:CVE-2015-8003

HistoryNov 09, 2015 - 12:00 a.m.

CVE-2015-8003

2015-11-0900:00:00

ubuntu.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

64.9%

JSON

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3
does not throttle file uploads, which allows remote authenticated users to
have unspecified impact via multiple file uploads.

References

launchpad.net/bugs/cve/CVE-2015-8003

nvd.nist.gov/vuln/detail/CVE-2015-8003

phabricator.wikimedia.org/T91850

security-tracker.debian.org/tracker/CVE-2015-8003

www.cve.org/CVERecord?id=CVE-2015-8003

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

64.9%

JSON

Related for UB:CVE-2015-8003