ID |
CVE-2007-2638
|
Summary |
eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 10.0 (as of 16-10-2018 - 16:44) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bid | 23944 | bugtraq | 20070511 eFileCabinet Authentication Bypass | osvdb | 34774 | sreason | 2696 | xf | efilecabinet-cabinetnumber-security-bypass(34251) |
|
Last major update |
16-10-2018 - 16:44 |
Published |
13-05-2007 - 23:19 |
Last modified |
16-10-2018 - 16:44 |