Lucene search
MitreCVE-2010-1596HistoryApr 28, 2010 - 11:30 p.m.
CVE-2010-1596
2010-04-2823:30:00
CWE-287
mitre
web.nvd.nist.gov
27
cve-2010-1596
support incident tracker
ldap authentication
remote attackers
authentication bypass
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.017
Percentile
87.8%
Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
Affected configurations
Node
sitrackersupport_incident_trackerRange≤3.50
ORsitrackersupport_incident_trackerMatch3.21
ORsitrackersupport_incident_trackerMatch3.22
ORsitrackersupport_incident_trackerMatch3.22pl1
ORsitrackersupport_incident_trackerMatch3.23
ORsitrackersupport_incident_trackerMatch3.24
ORsitrackersupport_incident_trackerMatch3.24beta-2
ORsitrackersupport_incident_trackerMatch3.30
ORsitrackersupport_incident_trackerMatch3.30beta2
ORsitrackersupport_incident_trackerMatch3.31
ORsitrackersupport_incident_trackerMatch3.32
ORsitrackersupport_incident_trackerMatch3.33
ORsitrackersupport_incident_trackerMatch3.35
ORsitrackersupport_incident_trackerMatch3.35beta1
ORsitrackersupport_incident_trackerMatch3.36
ORsitrackersupport_incident_trackerMatch3.40
ORsitrackersupport_incident_trackerMatch3.40beta1
ORsitrackersupport_incident_trackerMatch3.41
ORsitrackersupport_incident_trackerMatch3.45
ORsitrackersupport_incident_trackerMatch3.45beta1
ORsitrackersupport_incident_trackerMatch3.50beta1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sitracker | support_incident_tracker | * | cpe:2.3:a:sitracker:support_incident_tracker:*:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.21 | cpe:2.3:a:sitracker:support_incident_tracker:3.21:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.22 | cpe:2.3:a:sitracker:support_incident_tracker:3.22:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.22pl1 | cpe:2.3:a:sitracker:support_incident_tracker:3.22pl1:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.23 | cpe:2.3:a:sitracker:support_incident_tracker:3.23:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.24 | cpe:2.3:a:sitracker:support_incident_tracker:3.24:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.24 | cpe:2.3:a:sitracker:support_incident_tracker:3.24:beta-2:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.30 | cpe:2.3:a:sitracker:support_incident_tracker:3.30:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.30 | cpe:2.3:a:sitracker:support_incident_tracker:3.30:beta2:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.31 | cpe:2.3:a:sitracker:support_incident_tracker:3.31:*:*:*:*:*:*:* |
Related
openvas
openvas
SiT! Support Incident Tracker < 3.51 Authentication Bypass Vulnerability
2010-01-26 00:00:00
Support Incident Tracker Blank Password Authentication Bypass Vulnerability
2010-01-26 00:00:00
prion
prion
Authentication flaw
2010-04-28 23:30:00
nvd
nvd
CVE-2010-1596
2010-04-28 23:30:00
cvelist
cvelist
CVE-2010-1596
2010-04-28 23:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.017
Percentile
87.8%
Related for CVE-2010-1596