CVE-2017-14231

Опубликовано: 10 сент. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service (account blockage) by leveraging the mishandling of certain username substring relationships, such as the admin

Ссылки

https://github.com/semplon/GeniXCMS/issues/78
Exploit
Third Party Advisory
https://github.com/semplon/GeniXCMS/releases/tag/v1.1.0
Release Notes
Third Party Advisory
https://github.com/semplon/GeniXCMS/issues/78
Exploit
Third Party Advisory
https://github.com/semplon/GeniXCMS/releases/tag/v1.1.0
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:genixcms:genixcms:*:*:*:*:*:*:*:*

Версия до 1.0.2 (включая)

EPSS

Процентиль: 69%

0.00608

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-2m9r-pm7q-wr6f