CVE-2016-6189

Опубликовано: 17 фев. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4

CVSS3: 4.3

Описание

Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows remote authenticated users to obtain sensitive information by reading the fields in the (1) ics or (2) XML calendar feeds.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
cosmic	not-affected
devel	needs-triage
disco	not-affected
eoan	not-affected
esm-apps/bionic	not-affected
esm-apps/focal	not-affected
esm-apps/jammy	not-affected
esm-apps/xenial	needed

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2016-6189

EPSS

Процентиль: 39%

0.00173

Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2016-6189

CVSS3: 4.3

nvd

почти 9 лет назад

Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows remote authenticated users to obtain sensitive information by reading the fields in the (1) ics or (2) XML calendar feeds.

CVE-2016-6189

CVSS3: 4.3

debian

почти 9 лет назад

Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows ...

GHSA-px99-x547-mjjw

CVSS3: 4.3

github

больше 3 лет назад

Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows remote authenticated users to obtain sensitive information by reading the fields in the (1) ics or (2) XML calendar feeds.

EPSS

Процентиль: 39%

0.00173

Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

CVE-2016-6189

Описание

Пакет sogo

Ссылки на источники

Связанные уязвимости