Описание
mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions.
Ссылки
- Patch
- ExploitPatchVendor Advisory
- Patch
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.5:*:*:*:*:*:*:*
cpe:2.3:a:the_ignition_project:ignitionserver:0.3.6:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00077
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions.
EPSS
Процентиль: 23%
0.00077
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other