Lucene search

[email protected]CVE-2008-7219

HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-7219

2022-10-0316:13:53

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-7219

horde kronolith

nag

mnemo

groupware

webmail

security vulnerability

ownership validation

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.

Affected configurations

NVD

Node

hordegroupwareMatch1.0

hordegroupwareMatch1.0.1

hordegroupwareMatch1.0.2

hordegroupwareMatch1.1

hordegroupware_webmail_editionMatch1.0

hordegroupware_webmail_editionMatch1.0.2

hordegroupware_webmail_editionMatch1.0.3

hordegroupware_webmail_editionMatch1.1

hordekronolith_h3Match2.1

hordekronolith_h3Match2.1.1

hordekronolith_h3Match2.1.2

hordekronolith_h3Match2.1.3

hordekronolith_h3Match2.1.4

hordekronolith_h3Match2.1.5

hordekronolith_h3Match2.1.6

hordekronolith_h3Match2.2

hordemnemo_h3Match2.1

hordemnemo_h3Match2.1.1

hordemnemo_h3Match2.2

hordenag_h3Match2.1

hordenag_h3Match2.1.1

hordenag_h3Match2.1.2

hordenag_h3Match2.1.3

hordenag_h3Match2.2

CPENameOperatorVersion
horde:groupwarehorde groupwareeq1.0
horde:groupwarehorde groupwareeq1.0.1
horde:groupwarehorde groupwareeq1.0.2
horde:groupwarehorde groupwareeq1.1
horde:groupware_webmail_editionhorde groupware webmail editioneq1.0
horde:groupware_webmail_editionhorde groupware webmail editioneq1.0.2
horde:groupware_webmail_editionhorde groupware webmail editioneq1.0.3
horde:groupware_webmail_editionhorde groupware webmail editioneq1.1
horde:kronolith_h3horde kronolith h3eq2.1
horde:kronolith_h3horde kronolith h3eq2.1.1

CPE	Name	Operator	Version
horde:groupware	horde groupware	eq	1.0
horde:groupware	horde groupware	eq	1.0.1
horde:groupware	horde groupware	eq	1.0.2
horde:groupware	horde groupware	eq	1.1
horde:groupware_webmail_edition	horde groupware webmail edition	eq	1.0
horde:groupware_webmail_edition	horde groupware webmail edition	eq	1.0.2
horde:groupware_webmail_edition	horde groupware webmail edition	eq	1.0.3
horde:groupware_webmail_edition	horde groupware webmail edition	eq	1.1
horde:kronolith_h3	horde kronolith h3	eq	2.1
horde:kronolith_h3	horde kronolith h3	eq	2.1.1

Rows per page:

1-10 of 241

References

lists.horde.org/archives/announce/2008/000362.html

lists.horde.org/archives/announce/2008/000363.html

lists.horde.org/archives/announce/2008/000364.html

lists.horde.org/archives/announce/2008/000365.html

lists.horde.org/archives/announce/2008/000366.html

lists.horde.org/archives/announce/2008/000368.html

lists.horde.org/archives/announce/2008/000369.html

lists.horde.org/archives/announce/2008/000371.html

lists.horde.org/archives/announce/2008/000376.html

lists.horde.org/archives/announce/2008/000377.html

secunia.com/advisories/28382

www.securityfocus.com/bid/27217

www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

Related for CVE-2008-7219

cvelist1 ubuntucve1 prion1 nvd1 openvas2 nessus1