CVE-2008-1475

EPSS 0.47%
Published 24.03.2008 22:44:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.

Affected products Warnungen 0 Metrics 2 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

Roundup-tracker ≫ Roundup Version <= 1.4.3

Roundup-tracker ≫ Roundup Version0.1.0

Roundup-tracker ≫ Roundup Version0.1.1

Roundup-tracker ≫ Roundup Version0.1.2

Roundup-tracker ≫ Roundup Version0.1.3

Roundup-tracker ≫ Roundup Version0.2.0

Roundup-tracker ≫ Roundup Version0.2.1

Roundup-tracker ≫ Roundup Version0.2.2

Roundup-tracker ≫ Roundup Version0.2.3

Roundup-tracker ≫ Roundup Version0.2.4

Roundup-tracker ≫ Roundup Version0.2.5

Roundup-tracker ≫ Roundup Version0.2.6

Roundup-tracker ≫ Roundup Version0.2.7

Roundup-tracker ≫ Roundup Version0.2.8

Roundup-tracker ≫ Roundup Version0.3.0

Roundup-tracker ≫ Roundup Version0.3.0 Updatepre1

Roundup-tracker ≫ Roundup Version0.3.0 Updatepre2

Roundup-tracker ≫ Roundup Version0.3.0 Updatepre3

Roundup-tracker ≫ Roundup Version0.4.0

Roundup-tracker ≫ Roundup Version0.4.0 Updateb1

Roundup-tracker ≫ Roundup Version0.4.0 Updateb2

Roundup-tracker ≫ Roundup Version0.4.1

Roundup-tracker ≫ Roundup Version0.4.2

Roundup-tracker ≫ Roundup Version0.4.2 Updatepr1

Roundup-tracker ≫ Roundup Version0.5

Roundup-tracker ≫ Roundup Version0.5.0

Roundup-tracker ≫ Roundup Version0.5.0 Updatebeta1

Roundup-tracker ≫ Roundup Version0.5.0 Updatebeta2

Roundup-tracker ≫ Roundup Version0.5.0 Updatepr1

Roundup-tracker ≫ Roundup Version0.5.1

Roundup-tracker ≫ Roundup Version0.5.2

Roundup-tracker ≫ Roundup Version0.5.3

Roundup-tracker ≫ Roundup Version0.5.4

Roundup-tracker ≫ Roundup Version0.5.5

Roundup-tracker ≫ Roundup Version0.5.6

Roundup-tracker ≫ Roundup Version0.5.7

Roundup-tracker ≫ Roundup Version0.5.8 Updatestable

Roundup-tracker ≫ Roundup Version0.5.9

Roundup-tracker ≫ Roundup Version0.6.0

Roundup-tracker ≫ Roundup Version0.6.0 Updateb1

Roundup-tracker ≫ Roundup Version0.6.0 Updateb2

Roundup-tracker ≫ Roundup Version0.6.0 Updateb3

Roundup-tracker ≫ Roundup Version0.6.0 Updateb4

Roundup-tracker ≫ Roundup Version0.6.1

Roundup-tracker ≫ Roundup Version0.6.2

Roundup-tracker ≫ Roundup Version0.6.3

Roundup-tracker ≫ Roundup Version0.6.4

Roundup-tracker ≫ Roundup Version0.6.5

Roundup-tracker ≫ Roundup Version0.6.6

Roundup-tracker ≫ Roundup Version0.6.7

Roundup-tracker ≫ Roundup Version0.6.8

Roundup-tracker ≫ Roundup Version0.6.9

Roundup-tracker ≫ Roundup Version0.6.10

Roundup-tracker ≫ Roundup Version0.6.11

Roundup-tracker ≫ Roundup Version0.7.0

Roundup-tracker ≫ Roundup Version0.7.0 Updateb1

Roundup-tracker ≫ Roundup Version0.7.0 Updateb2

Roundup-tracker ≫ Roundup Version0.7.0 Updateb3

Roundup-tracker ≫ Roundup Version0.7.1

Roundup-tracker ≫ Roundup Version0.7.2

Roundup-tracker ≫ Roundup Version0.7.3

Roundup-tracker ≫ Roundup Version0.7.4

Roundup-tracker ≫ Roundup Version0.7.5

Roundup-tracker ≫ Roundup Version0.7.6

Roundup-tracker ≫ Roundup Version0.7.7

Roundup-tracker ≫ Roundup Version0.7.8

Roundup-tracker ≫ Roundup Version0.7.9

Roundup-tracker ≫ Roundup Version0.7.10

Roundup-tracker ≫ Roundup Version0.7.11

Roundup-tracker ≫ Roundup Version0.7.12

Roundup-tracker ≫ Roundup Version0.8.0

Roundup-tracker ≫ Roundup Version0.8.0 Updateb1

Roundup-tracker ≫ Roundup Version0.8.0 Updateb2

Roundup-tracker ≫ Roundup Version0.8.1

Roundup-tracker ≫ Roundup Version0.8.2

Roundup-tracker ≫ Roundup Version0.8.3

Roundup-tracker ≫ Roundup Version0.8.4

Roundup-tracker ≫ Roundup Version0.8.5

Roundup-tracker ≫ Roundup Version0.8.6

Roundup-tracker ≫ Roundup Version0.9.0 Updateb1

Roundup-tracker ≫ Roundup Version1.0

Roundup-tracker ≫ Roundup Version1.0.1

Roundup-tracker ≫ Roundup Version1.1.0

Roundup-tracker ≫ Roundup Version1.1.1

Roundup-tracker ≫ Roundup Version1.1.2

Roundup-tracker ≫ Roundup Version1.2.0

Roundup-tracker ≫ Roundup Version1.2.1

Roundup-tracker ≫ Roundup Version1.3.0

Roundup-tracker ≫ Roundup Version1.3.1

Roundup-tracker ≫ Roundup Version1.3.2

Roundup-tracker ≫ Roundup Version1.3.3

Roundup-tracker ≫ Roundup Version1.4.0

Roundup-tracker ≫ Roundup Version1.4.1

Roundup-tracker ≫ Roundup Version1.4.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.47%	0.635

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://secunia.com/advisories/29336

Vendor Advisory

http://secunia.com/advisories/29375

Vendor Advisory

http://secunia.com/advisories/30274

http://security.gentoo.org/glsa/glsa-200805-21.xml

http://www.vupen.com/english/advisories/2008/0891

https://bugzilla.redhat.com/show_bug.cgi?id=436546

https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.html

https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.html

http://secunia.com/advisories/32805

http://sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788

http://www.securityfocus.com/bid/28238

https://exchange.xforce.ibmcloud.com/vulnerabilities/41240

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00452.html

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00478.html

https://nvd.nist.gov/vuln/detail/CVE-2008-1475

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1475

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1475

EUVD