| ID |
CVE-2019-16236
|
| Summary |
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:dino:dino:-:*:*:*:*:*:*:*
cpe:2.3:a:dino:dino:-:*:*:*:*:*:*:*
-
cpe:2.3:a:dino:dino:0.0:*:*:*:*:*:*:*
cpe:2.3:a:dino:dino:0.0:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
-
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.0 (as of 14-09-2020 - 14:27) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-862 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
| refmap
via4
|
| bugtraq | 20190917 [SECURITY] [DSA 4524-1] dino-im security update | | debian | DSA-4524 | | fedora | - FEDORA-2019-0eb6d51f81
- FEDORA-2019-2555c77f63
- FEDORA-2019-3d3bb765ca
| | misc | | | mlist | [oss-security] 20190912 3 CVEs in dino | | ubuntu | USN-4306-1 |
|
| Last major update |
14-09-2020 - 14:27 |
| Published |
11-09-2019 - 19:15 |
| Last modified |
14-09-2020 - 14:27 |
