Lucene search
MitreCVE-2008-0904HistoryFeb 22, 2008 - 9:44 p.m.
CVE-2008-0904
2008-02-2221:44:00
CWE-200
mitre
web.nvd.nist.gov
25
cve-2008-0904
unspecified vulnerability
download servlet
bea plumtree collaboration
aqualogic interaction
remote attackers
arbitrary files
crafted url
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.6
Confidence
High
EPSS
0.005
Percentile
77.8%
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL.
Affected configurations
Node
bea_systemsaqualogic_interactionMatch4.2
ORbea_systemsaqualogic_interactionMatch4.2_mp1
ORbea_systemsplumtree_collaborationMatch4.1
ORbea_systemsplumtree_collaborationMatch4.1_sp1
ORbea_systemsplumtree_collaborationMatch4.1_sp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bea_systems | aqualogic_interaction | 4.2 | cpe:2.3:a:bea_systems:aqualogic_interaction:4.2:*:*:*:*:*:*:* |
| bea_systems | aqualogic_interaction | 4.2_mp1 | cpe:2.3:a:bea_systems:aqualogic_interaction:4.2_mp1:*:*:*:*:*:*:* |
| bea_systems | plumtree_collaboration | 4.1 | cpe:2.3:a:bea_systems:plumtree_collaboration:4.1:*:*:*:*:*:*:* |
| bea_systems | plumtree_collaboration | 4.1_sp1 | cpe:2.3:a:bea_systems:plumtree_collaboration:4.1_sp1:*:*:*:*:*:*:* |
| bea_systems | plumtree_collaboration | 4.1_sp2 | cpe:2.3:a:bea_systems:plumtree_collaboration:4.1_sp2:*:*:*:*:*:*:* |
Related
prion
prion
Security feature bypass
2008-02-22 21:44:00
nvd
nvd
CVE-2008-0904
2008-02-22 21:44:00
cvelist
cvelist
CVE-2008-0904
2008-02-22 21:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.6
Confidence
High
EPSS
0.005
Percentile
77.8%
Related for CVE-2008-0904