CVE-2002-1112

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.

Ссылки

http://mantisbt.sourceforge.net/advisories/2002/2002-03.txt
http://marc.info/?l=bugtraq&m=102978673018271&w=2
http://www.debian.org/security/2002/dsa-153
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5514
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/9899
http://mantisbt.sourceforge.net/advisories/2002/2002-03.txt
http://marc.info/?l=bugtraq&m=102978673018271&w=2
http://www.debian.org/security/2002/dsa-153
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5514
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/9899

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mantis:mantis:0.15.3:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.4:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.5:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.6:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.7:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.8:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.9:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.10:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.11:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.15.12:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.16.0:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.16.1:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.17.0:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.17.1:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.17.2:*:*:*:*:*:*:*

cpe:2.3:a:mantis:mantis:0.17.3:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00625

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2002-1112

debian

около 23 лет назад

Mantis before 0.17.4 allows remote attackers to list project bugs with ...

GHSA-gpmg-wwf8-crq7

github

больше 3 лет назад