5
CVE-2011-0435
- EPSS 0.83%
- Veröffentlicht 07.03.2011 21:00:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginDomain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sensitive bandwidth information via a direct request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gplhost ≫ Domain Technologie Control Version <= 0.32.8
Gplhost ≫ Domain Technologie Control Version0.24.6
Gplhost ≫ Domain Technologie Control Version0.25.1
Gplhost ≫ Domain Technologie Control Version0.25.2
Gplhost ≫ Domain Technologie Control Version0.25.3
Gplhost ≫ Domain Technologie Control Version0.26.7
Gplhost ≫ Domain Technologie Control Version0.26.8
Gplhost ≫ Domain Technologie Control Version0.26.9
Gplhost ≫ Domain Technologie Control Version0.27.3
Gplhost ≫ Domain Technologie Control Version0.28.2
Gplhost ≫ Domain Technologie Control Version0.28.3
Gplhost ≫ Domain Technologie Control Version0.28.4
Gplhost ≫ Domain Technologie Control Version0.28.6
Gplhost ≫ Domain Technologie Control Version0.28.9
Gplhost ≫ Domain Technologie Control Version0.28.10
Gplhost ≫ Domain Technologie Control Version0.29.1
Gplhost ≫ Domain Technologie Control Version0.29.6
Gplhost ≫ Domain Technologie Control Version0.29.8
Gplhost ≫ Domain Technologie Control Version0.29.10
Gplhost ≫ Domain Technologie Control Version0.29.14
Gplhost ≫ Domain Technologie Control Version0.29.15
Gplhost ≫ Domain Technologie Control Version0.29.16
Gplhost ≫ Domain Technologie Control Version0.29.17
Gplhost ≫ Domain Technologie Control Version0.30.6
Gplhost ≫ Domain Technologie Control Version0.30.8
Gplhost ≫ Domain Technologie Control Version0.30.10
Gplhost ≫ Domain Technologie Control Version0.30.18
Gplhost ≫ Domain Technologie Control Version0.30.20
Gplhost ≫ Domain Technologie Control Version0.32.1
Gplhost ≫ Domain Technologie Control Version0.32.2
Gplhost ≫ Domain Technologie Control Version0.32.3
Gplhost ≫ Domain Technologie Control Version0.32.4
Gplhost ≫ Domain Technologie Control Version0.32.5
Gplhost ≫ Domain Technologie Control Version0.32.6
Gplhost ≫ Domain Technologie Control Version0.32.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.83% | 0.724 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.