Veracode Vulnerability DatabaseVERACODE:46700Authorization Bypass
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
83.8%
roundup is vulnerable to Authorization Bypass. The vulnerability is due to improper property permissions checks, allowing unauthorized manipulation or access to restricted properties through certain methods.
References
secunia.com/advisories/29336
secunia.com/advisories/29375
secunia.com/advisories/30274
secunia.com/advisories/32805
security.gentoo.org/glsa/glsa-200805-21.xml
sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788
www.securityfocus.com/bid/28238
www.vupen.com/english/advisories/2008/0891
bugzilla.redhat.com/show_bug.cgi?id=436546
exchange.xforce.ibmcloud.com/vulnerabilities/41240
github.com/advisories/GHSA-j59j-h3g7-cpmf
github.com/roundup-tracker/roundup/commit/c00b7e5801f8baa246fa76b4aad5287882310189
www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.html
www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.html
www.redhat.com/archives/fedora-package-announce/2008-November/msg00452.html
www.redhat.com/archives/fedora-package-announce/2008-November/msg00478.html
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
83.8%