CVE-2014-125060

Опубликовано: 07 янв. 2023

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217614
Third Party Advisory
https://vuldb.com/?id.217614
Third Party Advisory
https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217614
Third Party Advisory
https://vuldb.com/?id.217614
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:collabcal_project:collabcal:*:*:*:*:*:*:*:*

Версия до 2014-12-09 (исключая)

EPSS

Процентиль: 59%

0.00375

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-rp39-4v75-4gx6

CVSS3: 9.8

github

около 3 лет назад

A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The name of the patch is b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability.

EPSS

Процентиль: 59%

0.00375

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-287