Описание
ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.
Ссылки
- Vendor Advisory
- Patch
- Patch
- Vendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.4:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.5:*:*:*:*:*:*:*
cpe:2.3:a:stefan_ritt:elog_web_logbook:2.5.6:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00624
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 20 лет назад
ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.
debian
больше 20 лет назад
ELOG before 2.5.7 allows remote attackers to bypass authentication and ...
github
больше 3 лет назад
ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.
EPSS
Процентиль: 69%
0.00624
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other