7.5
CVE-2003-1046
- EPSS 1.35%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.35% | 0.678 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/archive/1/343185
http://www.securityfocus.com/bid/8953
http://bugzilla.mozilla.org/show_bug.cgi?id=209742
https://exchange.xforce.ibmcloud.com/vulnerabilities/13602