CVE-2008-1475

EPSS 0.47%
Veröffentlicht 24.03.2008 22:44:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Roundup-tracker ≫ Roundup Version <= 1.4.3

Roundup-tracker ≫ Roundup Version0.1.0

Roundup-tracker ≫ Roundup Version0.1.1

Roundup-tracker ≫ Roundup Version0.1.2

Roundup-tracker ≫ Roundup Version0.1.3

Roundup-tracker ≫ Roundup Version0.2.0

Roundup-tracker ≫ Roundup Version0.2.1

Roundup-tracker ≫ Roundup Version0.2.2

Roundup-tracker ≫ Roundup Version0.2.3

Roundup-tracker ≫ Roundup Version0.2.4

Roundup-tracker ≫ Roundup Version0.2.5

Roundup-tracker ≫ Roundup Version0.2.6

Roundup-tracker ≫ Roundup Version0.2.7

Roundup-tracker ≫ Roundup Version0.2.8

Roundup-tracker ≫ Roundup Version0.3.0

Roundup-tracker ≫ Roundup Version0.3.0 Updatepre1

Roundup-tracker ≫ Roundup Version0.3.0 Updatepre2

Roundup-tracker ≫ Roundup Version0.3.0 Updatepre3

Roundup-tracker ≫ Roundup Version0.4.0

Roundup-tracker ≫ Roundup Version0.4.0 Updateb1

Roundup-tracker ≫ Roundup Version0.4.0 Updateb2

Roundup-tracker ≫ Roundup Version0.4.1

Roundup-tracker ≫ Roundup Version0.4.2

Roundup-tracker ≫ Roundup Version0.4.2 Updatepr1

Roundup-tracker ≫ Roundup Version0.5

Roundup-tracker ≫ Roundup Version0.5.0

Roundup-tracker ≫ Roundup Version0.5.0 Updatebeta1

Roundup-tracker ≫ Roundup Version0.5.0 Updatebeta2

Roundup-tracker ≫ Roundup Version0.5.0 Updatepr1

Roundup-tracker ≫ Roundup Version0.5.1

Roundup-tracker ≫ Roundup Version0.5.2

Roundup-tracker ≫ Roundup Version0.5.3

Roundup-tracker ≫ Roundup Version0.5.4

Roundup-tracker ≫ Roundup Version0.5.5

Roundup-tracker ≫ Roundup Version0.5.6

Roundup-tracker ≫ Roundup Version0.5.7

Roundup-tracker ≫ Roundup Version0.5.8 Updatestable

Roundup-tracker ≫ Roundup Version0.5.9

Roundup-tracker ≫ Roundup Version0.6.0

Roundup-tracker ≫ Roundup Version0.6.0 Updateb1

Roundup-tracker ≫ Roundup Version0.6.0 Updateb2

Roundup-tracker ≫ Roundup Version0.6.0 Updateb3

Roundup-tracker ≫ Roundup Version0.6.0 Updateb4

Roundup-tracker ≫ Roundup Version0.6.1

Roundup-tracker ≫ Roundup Version0.6.2

Roundup-tracker ≫ Roundup Version0.6.3

Roundup-tracker ≫ Roundup Version0.6.4

Roundup-tracker ≫ Roundup Version0.6.5

Roundup-tracker ≫ Roundup Version0.6.6

Roundup-tracker ≫ Roundup Version0.6.7

Roundup-tracker ≫ Roundup Version0.6.8

Roundup-tracker ≫ Roundup Version0.6.9

Roundup-tracker ≫ Roundup Version0.6.10

Roundup-tracker ≫ Roundup Version0.6.11

Roundup-tracker ≫ Roundup Version0.7.0

Roundup-tracker ≫ Roundup Version0.7.0 Updateb1

Roundup-tracker ≫ Roundup Version0.7.0 Updateb2

Roundup-tracker ≫ Roundup Version0.7.0 Updateb3

Roundup-tracker ≫ Roundup Version0.7.1

Roundup-tracker ≫ Roundup Version0.7.2

Roundup-tracker ≫ Roundup Version0.7.3

Roundup-tracker ≫ Roundup Version0.7.4

Roundup-tracker ≫ Roundup Version0.7.5

Roundup-tracker ≫ Roundup Version0.7.6

Roundup-tracker ≫ Roundup Version0.7.7

Roundup-tracker ≫ Roundup Version0.7.8

Roundup-tracker ≫ Roundup Version0.7.9

Roundup-tracker ≫ Roundup Version0.7.10

Roundup-tracker ≫ Roundup Version0.7.11

Roundup-tracker ≫ Roundup Version0.7.12

Roundup-tracker ≫ Roundup Version0.8.0

Roundup-tracker ≫ Roundup Version0.8.0 Updateb1

Roundup-tracker ≫ Roundup Version0.8.0 Updateb2

Roundup-tracker ≫ Roundup Version0.8.1

Roundup-tracker ≫ Roundup Version0.8.2

Roundup-tracker ≫ Roundup Version0.8.3

Roundup-tracker ≫ Roundup Version0.8.4

Roundup-tracker ≫ Roundup Version0.8.5

Roundup-tracker ≫ Roundup Version0.8.6

Roundup-tracker ≫ Roundup Version0.9.0 Updateb1

Roundup-tracker ≫ Roundup Version1.0

Roundup-tracker ≫ Roundup Version1.0.1

Roundup-tracker ≫ Roundup Version1.1.0

Roundup-tracker ≫ Roundup Version1.1.1

Roundup-tracker ≫ Roundup Version1.1.2

Roundup-tracker ≫ Roundup Version1.2.0

Roundup-tracker ≫ Roundup Version1.2.1

Roundup-tracker ≫ Roundup Version1.3.0

Roundup-tracker ≫ Roundup Version1.3.1

Roundup-tracker ≫ Roundup Version1.3.2

Roundup-tracker ≫ Roundup Version1.3.3

Roundup-tracker ≫ Roundup Version1.4.0

Roundup-tracker ≫ Roundup Version1.4.1

Roundup-tracker ≫ Roundup Version1.4.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.47%	0.635

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/29336

Vendor Advisory

http://secunia.com/advisories/29375

Vendor Advisory

http://secunia.com/advisories/30274

http://security.gentoo.org/glsa/glsa-200805-21.xml

http://www.vupen.com/english/advisories/2008/0891

https://bugzilla.redhat.com/show_bug.cgi?id=436546

https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.html

https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.html

http://secunia.com/advisories/32805

http://sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788

http://www.securityfocus.com/bid/28238

https://exchange.xforce.ibmcloud.com/vulnerabilities/41240

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00452.html

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00478.html

https://nvd.nist.gov/vuln/detail/CVE-2008-1475

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1475

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1475

EUVD