7.5

CVE-2007-1923

EPSS 1.15%
Veröffentlicht 10.04.2007 23:19:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ledgersmb ≫ Ledgersmb Version < 1.3.0

Sql-ledger ≫ Sql-ledger Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.15%	0.776

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://osvdb.org/38217

Broken Link

http://osvdb.org/38218

Broken Link

http://securityreason.com/securityalert/2552

Third Party Advisory

http://www.securityfocus.com/archive/1/464880/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/23352

Third Party Advisory

Broken Link

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/33494

Third Party Advisory

VDB Entry

https://github.com/ledgersmb/LedgerSMB/blob/master/Changelog

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2007-1923

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1923

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1923

EUVD