← voltar
CVE-2014-125060

holdennb CollabCal calenderServer.cpp handleGet improper authentication

CVSS 7.3 HIGHEPSS 1.0%CWE-287
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.3EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
07 jan 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The patch is identified as b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
holdennb · CollabCal

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/holdennb/CollabCal/commit/b80f6d1893607c99e5113967592417d0fe310ce6https://vuldb.com/?ctiid.217614https://vuldb.com/?id.217614