CVE-2017-7688

Опубликовано: 17 июл. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Apache OpenMeetings 1.0.0 updates user password in insecure manner.

Ссылки

http://markmail.org/message/ctsiiqtekzsun6fi
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/99586
Third Party Advisory
VDB Entry
http://markmail.org/message/ctsiiqtekzsun6fi
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/99586
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:openmeetings:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:2.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.1.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.1.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:openmeetings:3.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.0111

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xhj7-jr45-5w8r