4.3
CVE-2006-0511
- EPSS 0.18%
- Veröffentlicht 01.02.2006 23:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginBlackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this issue, saying that "This is a customer specific issue related to their Kerberos authentication single sign-on application and not a vulnerability in the Blackboard product.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Blackboard ≫ Blackboard Version5.0
Blackboard ≫ Blackboard Version5.0.2
Blackboard ≫ Blackboard Version5.5
Blackboard ≫ Blackboard Version5.5.1
Blackboard ≫ Blackboard Version6.0
Blackboard ≫ Blackboard Academic Suite Version6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.394 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 3.1 | 6.4 |
AV:L/AC:L/Au:S/C:P/I:P/A:P
|