6.8

CVE-2008-1883

Exploit

EPSS 1.26%
Veröffentlicht 18.04.2008 15:05:00
Zuletzt bearbeitet 16.06.2026 22:52:41
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Blackboard ≫ Blackboard Academic Suite Version <= 7

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.26%	0.659

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://secskill.wordpress.com/2008/03/27/hacking-blackboard-academic-suite-2/

Exploit

http://securityreason.com/securityalert/3810

http://www.scribd.com/doc/2363025/Hacking-Blackboard-Academic-Suite

Exploit

http://www.securityfocus.com/archive/1/490096/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/41935

https://nvd.nist.gov/vuln/detail/CVE-2008-1883

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1883

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1883

EUVD