CVE-2006-5932

Опубликовано: 16 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Kahua before 0.7, when running multiple applications under a single supervisor, grants application access on the basis of username instead of username and database name, which allows remote authenticated users to obtain unauthorized access if different databases assign the same username to different user accounts.

Ссылки

http://secunia.com/advisories/22785
Patch
Vendor Advisory
http://www.kahua.org/cgi-bin/kahua.fcgi/kahua-web/show/KSA/KSA2006-001
Patch
Vendor Advisory
http://www.securityfocus.com/bid/21074
http://www.timedia.co.jp/news/2467470581
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4486
https://exchange.xforce.ibmcloud.com/vulnerabilities/30206
http://secunia.com/advisories/22785
Patch
Vendor Advisory
http://www.kahua.org/cgi-bin/kahua.fcgi/kahua-web/show/KSA/KSA2006-001
Patch
Vendor Advisory
http://www.securityfocus.com/bid/21074
http://www.timedia.co.jp/news/2467470581
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4486
https://exchange.xforce.ibmcloud.com/vulnerabilities/30206

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:kahua:kahua:0.1:*:*:*:*:*:*:*

cpe:2.3:a:kahua:kahua:0.2:*:*:*:*:*:*:*

cpe:2.3:a:kahua:kahua:0.3:*:*:*:*:*:*:*

cpe:2.3:a:kahua:kahua:0.4:*:*:*:*:*:*:*

cpe:2.3:a:kahua:kahua:0.5:*:*:*:*:*:*:*

cpe:2.3:a:kahua:kahua:0.6:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01414

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9ppq-89xg-x2c9

github

почти 4 года назад