Lucene search

[email protected]NVD:CVE-2008-6298

HistoryFeb 26, 2009 - 4:17 p.m.

CVE-2008-6298

2009-02-2616:17:19

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

79.3%

JSON

Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the “HTTP header rewrite function.”

Affected configurations

Nvd

Node

rocketeer.dipsisapilocationRange≤1.0.2.0

rocketeer.dipsisapilocationMatch1.0.1.3

rocketeer.dipsisapilocationMatch1.0.1.4

VendorProductVersionCPE
rocketeer.dipsisapilocation*cpe:2.3:a:rocketeer.dip:sisapilocation:*:*:*:*:*:*:*:*
rocketeer.dipsisapilocation1.0.1.3cpe:2.3:a:rocketeer.dip:sisapilocation:1.0.1.3:*:*:*:*:*:*:*
rocketeer.dipsisapilocation1.0.1.4cpe:2.3:a:rocketeer.dip:sisapilocation:1.0.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rocketeer.dip	sisapilocation	*	cpe:2.3:a:rocketeer.dip:sisapilocation::::::::
rocketeer.dip	sisapilocation	1.0.1.3	cpe:2.3:a:rocketeer.dip:sisapilocation:1.0.1.3:::::::*
rocketeer.dip	sisapilocation	1.0.1.4	cpe:2.3:a:rocketeer.dip:sisapilocation:1.0.1.4:::::::*

References

jvn.jp/en/jp/JVN67060882/index.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000076.html

rocketeer.dip.jp/sanaki/free/free100.htm

secunia.com/advisories/32581

www.securityfocus.com/bid/32247

www.vupen.com/english/advisories/2008/3105

exchange.xforce.ibmcloud.com/vulnerabilities/46516

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

79.3%

JSON

Related for NVD:CVE-2008-6298

prion1 cve1 cvelist1