5
CVE-2008-6886
- EPSS 1.49%
- Veröffentlicht 03.08.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:03:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force guessing attacks.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.49% | 0.707 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://marc.info/?l=bugtraq&m=122765140110581&w=2
http://secunia.com/advisories/32883
http://www.osvdb.org/50273
http://www.secfault.org/?p=78
http://www.securityfocus.com/bid/32473
http://www.vupen.com/english/advisories/2008/3288
https://exchange.xforce.ibmcloud.com/vulnerabilities/46884