CVE-2014-3781

Опубликовано: 11 июн. 2014

Источник: ubuntu

Приоритет: medium

CVSS2: 5.8

Описание

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-apps/xenial	not-affected	2.6.3+dfsg-1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was needed

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2014-3781

5.8 Medium

CVSS2

Связанные уязвимости

CVE-2014-3781

nvd

больше 11 лет назад

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

CVE-2014-3781

debian

больше 11 лет назад

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclea ...

GHSA-67p5-4gjp-j4vw

github

больше 3 лет назад

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

5.8 Medium

CVSS2

CVE-2014-3781

Описание

Пакет dotclear

Ссылки на источники

Связанные уязвимости