Lucene search

MitreCVE-2014-6232

HistorySep 11, 2014 - 2:16 p.m.

CVE-2014-6232

2014-09-1114:16:04

mitre

web.nvd.nist.gov

cve-2014-6232

ldap

eu_ldap

typo3

vulnerability

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

55.2%

JSON

Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors.

Affected configurations

Nvd

Node

ldap_projectldapRange≤2.8.17typo3

VendorProductVersionCPE
ldap_projectldap*cpe:2.3:a:ldap_project:ldap:*:*:*:*:*:typo3:*:*

Vendor	Product	Version	CPE
ldap_project	ldap	*	cpe:2.3:a:ldap_project:ldap::::::typo3::*

References

secunia.com/advisories/60886

typo3.org/extensions/repository/view/eu_ldap

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010

www.securityfocus.com/bid/69565

exchange.xforce.ibmcloud.com/vulnerabilities/95701

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

55.2%

JSON

Related for CVE-2014-6232