CVE-2017-15883

2018-01-0819:00:00

mitre

www.cve.org

AI Score

9.6

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON

Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.

References

knowledgebase.progress.com/articles/Article/Sitefinity-Security-Advisory-for-cryptographic-vulnerability-CVE-2017-15883

www.mnemonic.no/news/2017/vulnerability-finding-sitefinity-cms/