CVE-2005-3339

2005-10-2710:02:00

mitre

web.nvd.nist.gov

mantis

cve-2005-3339

user id caching

security vulnerability

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0.01

Percentile

83.4%

JSON

Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors.

Affected configurations

Nvd

Node

mantismantisMatch0.19.0

mantismantisMatch0.19.0_rc1

mantismantisMatch0.19.0a1

mantismantisMatch0.19.0a2

mantismantisMatch0.19.1

mantismantisMatch0.19.2

mantismantisMatch0.19.3

VendorProductVersionCPE
mantismantis0.19.0cpe:2.3:a:mantis:mantis:0.19.0:*:*:*:*:*:*:*
mantismantis0.19.0_rc1cpe:2.3:a:mantis:mantis:0.19.0_rc1:*:*:*:*:*:*:*
mantismantis0.19.0a1cpe:2.3:a:mantis:mantis:0.19.0a1:*:*:*:*:*:*:*
mantismantis0.19.0a2cpe:2.3:a:mantis:mantis:0.19.0a2:*:*:*:*:*:*:*
mantismantis0.19.1cpe:2.3:a:mantis:mantis:0.19.1:*:*:*:*:*:*:*
mantismantis0.19.2cpe:2.3:a:mantis:mantis:0.19.2:*:*:*:*:*:*:*
mantismantis0.19.3cpe:2.3:a:mantis:mantis:0.19.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mantis	mantis	0.19.0	cpe:2.3:a:mantis:mantis:0.19.0:::::::*
mantis	mantis	0.19.0_rc1	cpe:2.3:a:mantis:mantis:0.19.0_rc1:::::::*
mantis	mantis	0.19.0a1	cpe:2.3:a:mantis:mantis:0.19.0a1:::::::*
mantis	mantis	0.19.0a2	cpe:2.3:a:mantis:mantis:0.19.0a2:::::::*
mantis	mantis	0.19.1	cpe:2.3:a:mantis:mantis:0.19.1:::::::*
mantis	mantis	0.19.2	cpe:2.3:a:mantis:mantis:0.19.2:::::::*
mantis	mantis	0.19.3	cpe:2.3:a:mantis:mantis:0.19.3:::::::*