7.5
CVE-2006-1386
- EPSS 1.74%
- Veröffentlicht 26.03.2006 22:02:00
- Zuletzt bearbeitet 16.06.2026 22:22:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.74% | 0.747 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/19410
http://securitytracker.com/id?1015843
http://twiki.org/cgi-bin/view/Codev/SecurityAlertTWiki4RdiffPreviewAccess
http://www.securityfocus.com/bid/17268
http://www.vupen.com/english/advisories/2006/1116
https://exchange.xforce.ibmcloud.com/vulnerabilities/25444