Lucene search
HistoryAug 27, 2009 - 8:30 p.m.
CVE-2008-7100
cve-2008-7100
dotnetnuke
vulnerability
authentication bypass
user privileges
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a “unique id” for user actions and improper validation of a “user identity.”
Affected configurations
Node
dotnetnukedotnetnukeMatch4.4.1
ORdotnetnukedotnetnukeMatch4.5.2
ORdotnetnukedotnetnukeMatch4.5.4
ORdotnetnukedotnetnukeMatch4.5.5
ORdotnetnukedotnetnukeMatch4.6.0
ORdotnetnukedotnetnukeMatch4.6.1
ORdotnetnukedotnetnukeMatch4.6.2
ORdotnetnukedotnetnukeMatch4.7.0
ORdotnetnukedotnetnukeMatch4.8.0
ORdotnetnukedotnetnukeMatch4.8.1
ORdotnetnukedotnetnukeMatch4.8.2
ORdotnetnukedotnetnukeMatch4.8.3
ORdotnetnukedotnetnukeMatch4.8.4
Related
nvd
nvd
CVE-2008-7100
2009-08-27 20:30:00
prion
prion
Authentication flaw
2009-08-27 20:30:00
cvelist
cvelist
CVE-2008-7100
2009-08-27 20:00:00
openvas
openvas
DotNetNuke 4.4.1 - 4.8.4 Identity Authentication Bypass Vulnerability
2009-09-03 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
Related for CVE-2008-7100