Опубликовано: 16 апр. 2017
Источник: ubuntu
Приоритет: high
EPSS Критический
CVSS2: 6.5
CVSS3: 8.8
Описание
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
10
EPSS
Процентиль: 100%
0.93166
Критический
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
nvd
больше 8 лет назад
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
CVSS3: 8.8
debian
больше 8 лет назад
MantisBT through 2.3.0 allows arbitrary password reset and unauthentic ...
EPSS
Процентиль: 100%
0.93166
Критический
6.5 Medium
CVSS2
8.8 High
CVSS3