7.5
CVE-2008-0893
- EPSS 2.01%
- Veröffentlicht 16.04.2008 18:05:00
- Zuletzt bearbeitet 16.06.2026 22:50:33
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Directory Server Version8.0 Updateel4
Redhat ≫ Directory Server Version8.0 Updateel5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.01% | 0.783 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/29761
http://secunia.com/advisories/29826
http://www.redhat.com/support/errata/RHSA-2008-0201.html
http://www.securityfocus.com/bid/28802
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html
http://www.securitytracker.com/id?1019857
https://bugzilla.redhat.com/show_bug.cgi?id=437320
https://exchange.xforce.ibmcloud.com/vulnerabilities/41843