Описание
KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.
KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2849
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34463
- http://osvdb.org/36578
- http://secunia.com/advisories/25360
- http://sourceforge.net/forum/forum.php?forum_id=698243
- http://sourceforge.net/project/shownotes.php?release_id=510338
- http://www.securityfocus.com/bid/24110
- http://www.vupen.com/english/advisories/2007/1920
EPSS
CVE ID
Связанные уязвимости
KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.
KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check.
KnowledgeTree Document Management (aka KnowledgeTree Open Source) befo ...
EPSS