Lucene search
HistoryFeb 22, 2008 - 9:44 p.m.
CVE-2008-0904
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.005
Percentile
77.8%
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL.
Affected configurations
Node
bea_systemsaqualogic_interactionMatch4.2
ORbea_systemsaqualogic_interactionMatch4.2_mp1
ORbea_systemsplumtree_collaborationMatch4.1
ORbea_systemsplumtree_collaborationMatch4.1_sp1
ORbea_systemsplumtree_collaborationMatch4.1_sp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bea_systems | aqualogic_interaction | 4.2 | cpe:2.3:a:bea_systems:aqualogic_interaction:4.2:*:*:*:*:*:*:* |
| bea_systems | aqualogic_interaction | 4.2_mp1 | cpe:2.3:a:bea_systems:aqualogic_interaction:4.2_mp1:*:*:*:*:*:*:* |
| bea_systems | plumtree_collaboration | 4.1 | cpe:2.3:a:bea_systems:plumtree_collaboration:4.1:*:*:*:*:*:*:* |
| bea_systems | plumtree_collaboration | 4.1_sp1 | cpe:2.3:a:bea_systems:plumtree_collaboration:4.1_sp1:*:*:*:*:*:*:* |
| bea_systems | plumtree_collaboration | 4.1_sp2 | cpe:2.3:a:bea_systems:plumtree_collaboration:4.1_sp2:*:*:*:*:*:*:* |
Related
prion
prion
Security feature bypass
2008-02-22 21:44:00
cvelist
cvelist
CVE-2008-0904
2008-02-22 21:00:00
cve
cve
CVE-2008-0904
2008-02-22 21:44:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.005
Percentile
77.8%
Related for NVD:CVE-2008-0904